[Cryptography] Proof that the NSA does not have a quantum computer capable of attacking public key crypto (yet)

Georgi Guninski guninski at guninski.com
Fri Feb 12 01:26:55 PST 2016


Isn't it much more important "Can NSA break RSA efficiently" or
even "Can they efficiently factor integers"?

AFAICT these are not known to be theoretically equivalent.

There were low exponent attack ($3$) IIRC.

Don't remember seeing X509 RSA cert with exponent other than
2^16+1 (or something like this) and this is not much bigger...



More information about the cypherpunks mailing list