top | item 21621803

(no title)

Worse still is the threat of quantum computers that will make cracking his vault trivial. Apparently in 20-30 years people will be able to fit a quantum computer into a laptop form factor and break certain types of crypto at will, regardless of the keysize or key complexity.

discuss

3PS|6 years ago

At the moment, quantum computers have only been shown to give exponential speedups over classical computers on problems that can reduced to the special case of the hidden subgroup problem for finite abelian groups [1]. This is only really an issue for public key crypto at the moment (RSA, Diffie-Hellman, and ECC) since secret-key crypto tends to need less structure in the underlying problem. The best you could do to speed up cracking AES with modern quantum algorithms would probably be Grover's algorithm, which only gives a quadratic speedup (an O(N) search becomes O(sqrt(N)) instead). [2]

[1] https://en.wikipedia.org/wiki/Hidden_subgroup_problem

[2] https://en.wikipedia.org/wiki/Grover%27s_algorithm

dehrmann|6 years ago

> quantum computers that will make cracking his vault trivial

Disk encryption tends to use something like AES. Key derivation is usually built on top of hash functions, but a 64-character password has more bits than most people use for AES, so key derivation might not matter.

The implications for AES aren't known yet, beyond effectively reducing the key length[1]. You're probably thinking about prime factoring and RSA, which will be weakened by quantum computing.

[1]: https://security.stackexchange.com/questions/116596/will-qua...

unknown|6 years ago

[deleted]

mackrevinack|6 years ago

well if that is true then it will mean that we will just be able to use the same quantum processing to make the encryption strong enough that it won't be able to be cracked for X million years or whatever.

you could argue that things encrypted today might be easily decrypted though