On 09/01/2023 02:11, professor rat wrote:
> I don't enjoy becoming the boy who cried quantum wolf since I was a quantum-quackery debunker for years. However - the threat is now verifiable - the threat is real - and it consists of several looming factors, this present paper making up only a tiny part. In the interests of enlightened self-interest please consider the following . . .

> 1) Quantum computing advances into the realms of theoretical attacks on RSA

Not practical attacks. Give it 15 years, maybe.

> 2) Increased will to mobilize the resources by a ' pariah alliance ' that includes Russia, the DPRK and Iran.

More like the US, UK, EU, China etc. who are pumping billions into QC research.

> 3) Increased value of ' the Prize ' - this used to be ME oil - now it's Satoshi's stash, the public keys for which may be vulnerable.

The value of Satoshi's keys would be lost in the noise of the overall value of breaking RSA. I don't actually know, are they 2048-bit RSA?

[...]

> So long as anyone looks to c-punks for leadership we're obliged to perform at our highest standard - yes?

Agreed. The same is or should be true for cryptographers and cryptologists and security people generally. And I agree that we should be advocating and using QR crypto, now.

But I don't see any immediate change in the threat. Or good well-tested (by Schneier's Law) QR examples.

15 years? Some secrets (like Satoshi's keys) should last a lot longer than that, and we should all be advocating using 256-bit symmetric crypto now. But Rijndael-256 rather than AES-256, please.

As for asymmetric crypto like signatures and key agreement, if it's important - well, either be aware of the danger or ... don't use it. There are no widespread supposed-to-be-QR asymmetric algorithms that I would trust right now.

> Bottom line - quantum crypto is the gold standard and the more there is of it the more cryptoanarchy.

Or more and better normal archic person's crypto? Don't see why it should particularly be anarchic..?

Peter Fairbrother