On Mon, 12 Jan 2015 18:48:41 +0000 Ciaran McCreesh wrote:
> On Mon, 12 Jan 2015 19:44:46 +0100
> Kristian Fiskerstrand <k...@gentoo.org> wrote:
> > Shor's would be effective against discrete logs (including ECC) as
> > well, so wouldn't be applicable to this selection. For post-quantum
> > asymmetric crypto we'd likely need e.g. a lattice based primitive.
>
> We're not post-quantum,

Are you sure? The simplest Shor's factorisation machine was already built and published in the open press: http://arxiv.org/abs/quant-ph/0112176

This was done 14(!!) years ago. I don't doubt there was significant progress in this field thereafter. But it is likely that the results are classified.

And Yale University has announced serious progress in error correction recently: http://news.yale.edu/2013/01/11/new-qubit-control-bodes-well-future-quantum-computing

> and if we were no-one knows how anything would
> do anyway... Why not stick to threats that actually exist?

They do exist. No agency will announce that they broke RSA regardless of the key length. This information will be kept top secret as long as possible, so one should prepare today and beforehand.

There are post-quantum solutions and implementations, see app-crypt/codecrypt.

Best regards,
Andrew Savchenko