Jump to content
House Price Crash Forum

Archived

This topic is now archived and is closed to further replies.

knock out johnny

Break The Internet? Quantum Computing

Recommended Posts

No - not Kim Kardashian's @rse!

Discussing quantum computing with a friend.

Let us suppose that a quantum computer is built (what I'm reading online is that they're getting closer - one article even mentioned it could be as close as 10 years away).

The internet at the moment facilitates global commerce, from banking and trading to buying junk off ebay and everything in between.

It is also used as the go to communication medium (overtaking paper post) and can transmit and accept electronic contracts etc etc

This is all predicated on two things

i) secure encryption (let's not get bogged down whether it currently is or the NSA or whoever can have a nosey)

ii) easy access to the technology required

I'm asking the question that if quantum computing happens will it destroy these two aspects that have made the web so ubiquitous in our lives

My understanding of quantum computing is that it can crack any currently used encryption method (virtually instantly) and can also create unbreakable encryption of it's own

I predict that quantum computers will only be available (at least initially) to:

i) governments

ii) big business/corporations

iii) major crime organisations

in that order

Will this not render the internet useless for the rest of us (other than an entertainment platform) if we can no longer trust the safety and privacy of transactions and communications?

Game changer I think. It would be the equivalent of going backwards 25 years

What think you?

Or am I talking cobblers?

I know there's some smart bods on this forum, try and be a little gentle with me

edit to add:

and I don't think cloud based distributed quantum computing is possible - and even if it is there will be a delay developing it

Share this post


Link to post
Share on other sites

Still dont understand how encryption is broken...sure, in theory, the Quantum thingy could have all the answers at once, but actually, the answers were always there already.

Share this post


Link to post
Share on other sites

In effect, you are right.

The key technology that has enabled secure communication across the internet is "public key encryption".

Classical "symmetric" encryption requires that two parties to a secure conversation must first exchange a secret key. The problem with this approach, is that if your communication method is insecure, you can't use it to exchange a key. So, a key must either be pre-agreed or sent over a second channel.

The advantage of public key encryption is that a secure communication can be established over a single communication channel without the need to pre-agree a key. At the same time, it also allows one (or both) parties to a communication to prove their identity. Normally in the case of an internet transaction, the website proves its identity to the browser software, which then displays a green padlock, or similar indication. However, it also possible to use a similar process for a user to prove their identity, and this can be used for things such as logging into corporate networks.

The major public key encryption systems take advantage of the fact that a mathematical problem called the "discrete logarithm problem" is incredibly difficult to solve, requiring infeasibly vast amounts of computer resources and time. Rather concerning, there is no mathematical proof that this is a difficult problem, it's just that no one has come up with a way to solve it in an efficient manner. Where quantum computers become interesting is that there is a theoretical algorithm which could potentially run on a quantum computer (Shor's algorithm) which can solve the discrete logarithm problem very efficiently. The issue then is that most public key encryption systems would offer minimal security against a quantum computer capable of running this algorithm.

Is it game over? Probably not. There are a number of emerging new public key encryption systems which have been developed which are not vulnerable to quantum algorithms. These are families of algorithms like "lattice based cryptography" which could essentially be regarded as drop-in replacements for the existing public key algorithms (RSA and elliptic-curves). In fact, there are some open source projects which already support algorithms from this family. The disadvantages are only relatively modest (slight increase in CPU requirements, and slight increase in data transfer), although the main concern is simply the fact that they are new and there is little experience with them, and relatively little theoretical work proving their security.

There is a separate technology called "quantum encryption". This isn't related to quantum computing directly. It's been available commercially for several years now, and it is a method of guaranteed secure key exchange between two computers. The disadvantage is that you have to a have a direct optical fibre connection between the two quantum encryption devices at each end. However, it uses the physical principle of "quantum entanglement" of photons that get sent between the two ends of the fibre to transfer the key. Any disturbance to the fibre which could possibly allow any data to be leaked will break the entanglement and the key exchange will fail. Essentially, it creates a 2nd channel for transferring keys which is absolutely guaranteed to detect an eavesdropper before the key transfer is complete.

Share this post


Link to post
Share on other sites

In effect, you are right.

The key technology that has enabled secure communication across the internet is "public key encryption".

Classical "symmetric" encryption requires that two parties to a secure conversation must first exchange a secret key. The problem with this approach, is that if your communication method is insecure, you can't use it to exchange a key. So, a key must either be pre-agreed or sent over a second channel.

The advantage of public key encryption is that a secure communication can be established over a single communication channel without the need to pre-agree a key. At the same time, it also allows one (or both) parties to a communication to prove their identity. Normally in the case of an internet transaction, the website proves its identity to the browser software, which then displays a green padlock, or similar indication. However, it also possible to use a similar process for a user to prove their identity, and this can be used for things such as logging into corporate networks.

The major public key encryption systems take advantage of the fact that a mathematical problem called the "discrete logarithm problem" is incredibly difficult to solve, requiring infeasibly vast amounts of computer resources and time. Rather concerning, there is no mathematical proof that this is a difficult problem, it's just that no one has come up with a way to solve it in an efficient manner. Where quantum computers become interesting is that there is a theoretical algorithm which could potentially run on a quantum computer (Shor's algorithm) which can solve the discrete logarithm problem very efficiently. The issue then is that most public key encryption systems would offer minimal security against a quantum computer capable of running this algorithm.

Is it game over? Probably not. There are a number of emerging new public key encryption systems which have been developed which are not vulnerable to quantum algorithms. These are families of algorithms like "lattice based cryptography" which could essentially be regarded as drop-in replacements for the existing public key algorithms (RSA and elliptic-curves). In fact, there are some open source projects which already support algorithms from this family. The disadvantages are only relatively modest (slight increase in CPU requirements, and slight increase in data transfer), although the main concern is simply the fact that they are new and there is little experience with them, and relatively little theoretical work proving their security.

Thank for such a well structured and comprehensive response Mr Rex (you really do know everything!) and hit all the marks I was expecting like lattice-crytopgraphy and shor's algorithm

http://physics.stackexchange.com/questions/194334/could-quantum-computers-break-any-cipher

Yes, upon further research I came across the precise same workarounds

All it would do is make prime factor ciphers easy to crack and that is all

So in short, the internet will march inexorably on - with a continious arms-race of crytographic developments

Share this post


Link to post
Share on other sites

I have to ask Chumpus

do all encryption methods need a key to be sent?

my understanding of why quantum computing will be unbreakable is that due to the observer effect the transmission of the key will be known to be compromised and hence the transmission of the actual message will not take place - that too could break the internet

Share this post


Link to post
Share on other sites

do all encryption methods need a key to be sent?

my understanding of why quantum computing will be unbreakable is that due to the observer effect the transmission of the key will be known to be compromised and hence the transmission of the actual message will not take place - that too could break the internet

A key is what makes encryption secure. The dogma is that it should be assumed that the actual encryption technique is public, and that security depends upon the key.

So, if you are using symmetric encryption (the same key encrypts and decrypts - like on a password-protected memory stick or zip file) then transmitting a key is necessary otherwise your recipient will not be able to read the data.

The classic description of public key encryption (PKE), while it requires transmitting of a key, it only requires transmitting of a "public key" which is not of relevance to security. The scenario is as follows: Alice wants to send Bob a message. Bob chooses a key pair; he keeps the private key secret, and sends the public key to Alice. Alice takes Bob's public key, and encrypts her message with it. Bob receives the message, and uses his private key to decrypt it. The public key only encrypts; the private key decrypts. Because PKE does not place any requirement on the security of the public key, there is no need to have a method of securely transferring a key.

In practice, PKE is computer-resource intensive, requiring a lot of CPU capacity. Symmetric encryption, OTOH, is utterly trivial in terms of computer resources. For this reason, PKE is not generally used to encrypt computer files or messages directly. Instead, the sender chooses a symmetric key, then uses symmetric encryption to encrypt the message. PKE is then used to transmit the symmetric key to the recipient.

In addition to the above, conventional description of PKE, there are a variety of additional techniques (known as key exchange techniques) which allow two parties to mutually agree a symmetric key, without either party directly choosing the key and transmitting it to the other. However, like conventional PKE systems, they depend on the discrete logarithm problem, and a quantum computer could break them.

Quantum encryption (or to be more precise, quantum key exchange) as you say relies on the fact that the observer effect will alter the transmission of the key, and hence the key will be known to be compromised, and the communication can be aborted. Yes, interception will break a quantum key exchange system. However, QKE is a strict point-to-point system, with an optical fibre directly connecting both ends. Realistically, disabling this system requires technology no more advanced than a pair of pliers, or a well placed JCB bucket. In that way, it's not really that much different than most current methods of internet connection, which are just as susceptible to cables being cut.

Share this post


Link to post
Share on other sites

Chumpy for science minister then. The Pin regime creepily takes form while you are asleep. :lol:

Share this post


Link to post
Share on other sites

Quantum encryption (or to be more precise, quantum key exchange) as you say relies on the fact that the observer effect will alter the transmission of the key, and hence the key will be known to be compromised, and the communication can be aborted. Yes, interception will break a quantum key exchange system. However, QKE is a strict point-to-point system, with an optical fibre directly connecting both ends. Realistically, disabling this system requires technology no more advanced than a pair of pliers, or a well placed JCB bucket. In that way, it's not really that much different than most current methods of internet connection, which are just as susceptible to cables being cut.

that's an aspect I'd never thought of - that using quantum key exchange methods will need to go back to physical connections - so no 3g/4g/wireless (unless we go back to analogue signals to transmit data) - so it's incredibly retrograde. Another possible breaking of the internet

Share this post


Link to post
Share on other sites

All systems can be broken or manipulated eg phishing. Not to mention that banks can legally charge a transaction fee whenever you access your money. I'm surprised that certain folk are so keen to go cash free. It means they are voluntarily putting themselves under surveillance and giving more power to their bank.

Share this post


Link to post
Share on other sites

Google has just announced in the last few days that they have developed their own "post-quantum" encryption system (post quantum encryption refers to a public key encryption technique which is resistant to quantum computers - symmetric encryption in general is quantum computer resistant anyway) based on lattice based cryptography and have incorporated it into their preview version of chrome, called "chrome canary".

The idea is to try to get it out into general browser use in due course, so that web servers can be upgraded to use it.

Unlike some of the incumbent web encryption techniques, this method also offers "perfect forward secrecy". As I mentioned in one of my earlier posts, you can use public key encryption to transmit a key for a symmetric encryption system. Then switch to symmetric encryption, which is much easier on a computer's CPU/battery. There is a risk with this approach, that if someone records an encrypted communication, and then later cracks the public key encryption, they can go back to their recording, and decode the key, and then decode the whole communication.

Perfect forward secrecy uses a more complicated method of key exchange, such that the key is not actually transmitted, rather there is a negotiation between both sides to reach a mutually agreed key. Due to the mathematics involved, even if the negotiation is recorded and decoded, it is not possible to recover the key.

http://www.theverge.com/2016/7/7/12120280/google-chrome-canary-quantum-computing-encryption-new-hope

Share this post


Link to post
Share on other sites

So just how would Captain James T Kirk talk a quantum computer into destroying itself...?

XYY

You have spotted the greatest strength of quantum computers; that they can simultanously hold contradictory answers without malfunctioning. This in turn eliminates any tendency to spark and catch fire.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

  • The Prime Minister stated that there were three Brexit options available to the UK:   30 members have voted

    1. 1. Which of the Prime Minister's options would you choose?


      • Leave with the negotiated deal
      • Remain
      • Leave with no deal

    Please sign in or register to vote in this poll. View topic


×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.