• “When will we be secure? Nobody knows for sure – but it cannot happen before commercial security products and services possess not only enough functionality to satisfy customers’ stated needs, but also sufficient assurance of quality, reliability, safety, and appropriateness for use. Such assurances are lacking in most of today’s commercial security products and services.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", 2005

    Read more...
  • "Dropping support for a broken crypto primitive is hard in practice
    - but crypto can be broken overnight
    -     what do we do if SHA-1 or RSA falls tomorrow?"

    Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Wegerr, "MD5 considered harmful today - Creating a rogue CA certificate", December 2008
    Read more...
  • “Business now relies on information infrastructures that are interlinked and interdependent… The way in which these hidden interdependencies pervade our everyday lives is staggering and, in some cases, may go unchecked for many years until an incident occurs that revels the true nature of the interdependences' impact.”

    The British Government’s Technology Strategy Board, 2008
    Read more...
Home Resources Expert Opinions Quantum computing quote: ECRYPT, 30 to 50 year security should take quantum computers into consideration
quote: ECRYPT, 30 to 50 year security should take quantum computers into consideration

However, with the emergence of Shor's efficient quantum algorithm for factoring integers and computing discrete logarithms it became evident that the power of quantum mechanics also had implications for classical cryptography based on computational assumptions. From the day of the first construction in a laboratory of just one quantum computer with registers large enough to factor contemporary RSA moduli, the RSA cryptosystem will be rendered more or less useless, and very few people and institutions would feel comfortable using the system, even for increased key-lengths.

We have no guarantee that this day is far into the future.

One often hears recommendations for key-sizes of public-key cryptosystems needed to obtain security for 30 years and even 50 years. Anyone wanting a real security of this magnitude should probably take the construction of the quantum computer into consideration.

ECRYPT, “D.PROVI.3 – First Summary Report on Unconditionally Secure Protocols”, January 2005
 

Related Items