On 06/02/2024 13:28, pro2rat@yahoo.com.au wrote:
> Quantum encryption is the current gold standard.
Never heard of it. Seriously.

I have heard of post-quantum cryptography, but that's apparently a different thing - it certainly doesn't have the properties you seem to attribute to it, it is just methods to defeat a potential future threat to modern cryptography from quantum computers by using classical techniques chosen for QC-resistance. Sociologically, it is pretty much the same as present-day public-key cryptography. Public/private keypairs, key exchange, signatures, hashes, ciphers etc. You can also do standard classical tricks like oblivious transfer, ORAM, zero-knowledge proofs, oblivious two-party computation and universal reencryption, at least if you choose the right systems.

Also, there are so-called quantum key distribution systems which rely on transfer of prechosen or entangled quanta, usually light quanta. Despite the name you can't actually distribute a key that way, you need more - these aren't suitable for information transfer, only key agreement (like DH, Alice and Bob both end up with the same unpredictable number).

[there is also Kak's three-pass protocol, which can pass information, but has flaws, is subject to cloning MITM, other MITM, and is nowhere near a gold standard - though I suppose it could be called quantum encryption, at a pinch]

(they also aren't fast enough for file transfer type encryption, e.g. to set up an OTP - and good modern classical ciphers are quantum-computer resistant anyway. But not theoretically unbreakable.)

Well-designed prechosen or entangled quanta systems are, in theory, (but in practice? not so much) not subject to a cloning man-in-the-middle attack, but are hard to implement, and to be useful they would need a network of quantum-state-retaining switches (possible, but it doesn't exist now) and quantum repeaters - just about possible, but you certainly can't buy them from Cisco (or anyone else).

They also require an authenticated classical side channel to be secure. Ooops. We can attack that classically, so the "theoretically unbreakable because unclonable quantum cryptography" is just so much eyewash.

Peter Fairbrother
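
An added example, not part of the message above: a toy BB84-style simulation showing that the exchange only yields an agreed random number, that interference on the quantum channel shows up as errors in the sifted key, and that the basis announcement on the classical channel is only trustworthy if it is authenticated. The function names, the constructed pre-shared key and the use of HMAC-SHA256 as the authenticator are assumptions of this example.

```python
import hashlib
import hmac
import random

def bb84(n, rng, intercept=False):
    """Toy BB84 run; returns Alice's and Bob's sifted bit lists."""
    alice_key, bob_key = [], []
    for _ in range(n):
        bit, a_basis, b_basis = (rng.randrange(2) for _ in range(3))
        sent_bit, sent_basis = bit, a_basis
        if intercept:
            # Intercept-resend: measure in a random basis, then resend.
            e_basis = rng.randrange(2)
            sent_bit = bit if e_basis == a_basis else rng.randrange(2)
            sent_basis = e_basis
        # A measurement in the wrong basis yields a random bit.
        got = sent_bit if b_basis == sent_basis else rng.randrange(2)
        if a_basis == b_basis:  # sifting: keep matching-basis positions
            alice_key.append(bit)
            bob_key.append(got)
    return alice_key, bob_key

def qber(alice_key, bob_key):
    """Fraction of sifted positions where the two sides disagree."""
    return sum(a != b for a, b in zip(alice_key, bob_key)) / len(alice_key)

def tag(psk, bases):
    """MAC over a basis announcement sent on the classical channel."""
    return hmac.new(psk, bytes(bases), hashlib.sha256).digest()

def accept_bases(psk, bases, mac):
    """Accept an announcement only if its MAC verifies under the shared key."""
    return hmac.compare_digest(tag(psk, bases), mac)

if __name__ == "__main__":
    clean = bb84(4000, random.Random(1))
    tapped = bb84(4000, random.Random(1), intercept=True)
    print("QBER, undisturbed channel:", qber(*clean))
    print("QBER, intercept-resend on the quantum channel:", qber(*tapped))
    psk = b"constructed-pre-shared-key"  # constructed sample value
    bases = [0, 1, 1, 0]
    mac = tag(psk, bases)
    print("genuine announcement accepted:", accept_bases(psk, bases, mac))
    print("altered announcement accepted:", accept_bases(psk, [1, 1, 1, 0], mac))
```

The authenticator needs a key both ends already share, so the scheme extends an existing secret rather than creating one from nothing.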