Chinese Scientists Report Using Quantum Computer To Hack Military-grade Encryption (thequantuminsider.com)
UPDATE: Forbes writes that China hasn't broken military encryption.
"While factoring a 50-bit integer is an impressive technical achievement, it's important to note that RSA encryption commonly uses key sizes of 2048 bits or higher. The difficulty of factoring increases exponentially with the size of the number, meaning that the gap between 50-bit and 2048-bit integers is astronomically large...
The advances do not equate to a scalable method for breaking RSA encryption as it is used in practical applications today."
Long-time Slashdot reader schwit1 originally wrote: Chinese scientists have mounted what they say is the world's first effective attack on a widely used encryption method using a quantum computer. The breakthrough poses a "real and substantial threat" to the long-standing password-protection mechanism employed across critical sectors, including banking and the military, according to the researchers.
Despite the slow progress in general-purpose quantum computing, which currently poses no threat to modern cryptography, scientists have been exploring various attack approaches on specialised quantum computers. In the latest work led by Wang Chao, of Shanghai University, the team said it used a quantum computer produced by Canada's D-Wave Systems to successfully breach cryptographic algorithms.
Using the D-Wave Advantage, they successfully attacked the Present, Gift-64 and Rectangle algorithms -- all representative of the SPN (Substitution-Permutation Network) structure, which forms part of the foundation for advanced encryption standard (AES) widely used in the military and finance. AES-256, for instance, is considered the best encryption available and often referred to as military-grade encryption. While the exact passcode is not immediately available yet, it is closer than ever before, according to the study. "This is the first time that a real quantum computer has posed a real and substantial threat to multiple full-scale SPN structured algorithms in use today," they said in the peer-reviewed paper.
The computer they use (Score:5, Informative)
The quantum computer they use in this research, the D-Wave quantum computer, is built and maintained at Los Alamos National Laboratory in the United States. This paper is just about software methods to perform decryption using it, not some secret quantum computer only China has access to.
Re: (Score:2, Troll)
There's a long history of people here calling D-Wave a scam.
At this point I wonder if they were just dumb or disinfo operatives.
Some spooks call those categories professionals and useful idiots
Re: (Score:3, Interesting)
D-Wave is not a general purpose quantum computer. It's also not a scam. It is a special purpose computer, useful for certain particular functions. That it could be used to break "military grade encryption" is a real slam at "military grade encryption".
(FWIW, I expect that story is a lot more complex, but I'm not interested enough in either quantum computers or military grade encryption to dig it out.)
Re: (Score:2)
The problem is there's a lot of truth and a lot of falsehoods because D-Wave is specializing in confusion.
A
Re: (Score:3)
There's a long history of people here calling D-Wave a scam.
At this point I wonder if they were just dumb or disinfo operatives.
China puts out more completely fabricated research papers than all other nations combined, and here you are believing them uncritically. Are you just dumb, or a disinfo operative?
Re:The computer they use (Score:4, Insightful)
I do not think this one is "fabricated". But the title of the story here is, at the very least, grossly misleading. Enough that calling it a lie-by-misdirection would be accurate. This is not even remotely close to an actual or academic break of an actually used secure cipher.
Re: (Score:2)
Are you implying a correlation between liking Trump and being skeptical about the misleading portraying of D-Wave devices as "quantum computers"?
Re: (Score:3, Interesting)
The D-Wave is and always was a scam. That does not mean it cannot do some things. But it can do almost no useful things and the useful things it can do can be gotten far cheaper with other approaches. The only thing it shines at is "simulating" itself. But that is a bullshit metric.
"Dumb or disinfo operatives"? Nope. The term you are looking for is "people with a clue". As these are rare, I get your confusion. But not everybody is clueless and identifying those that are not is hard for the clueless majori
Progress (Score:3)
Title makes it sound like it's 'hacked'. Instead it is 'progress towards a hack'.
Re: (Score:3)
Indeed. And these happen all the time. This may be "closer than ever before", but at the same time it is nowhere close at all.
Re: (Score:2)
Which isn't to say we shouldn't migrate to post-quantum crypto as soon as practical, just that it isn't a 'OMG that box from the 1995 movie Hackers is real *today*; No More Secrets' situation.
Re: (Score:3)
We very definitely should _not_ migrate to post-quantum crypto at this time. It is untried, has not stood the test of time, and there have already been some rather embarrassing failures. Incidentally, the D-Wave is not a Quantum Computer.
Re: (Score:2)
We very definitely should _not_ migrate to post-quantum crypto at this time. It is untried, has not stood the test of time, and there have already been some rather embarrassing failures.
Interesting point. Do you have links to any of those failures?
Re: (Score:2)
For example, this one: https://www.securityweek.com/n... [securityweek.com]
A finalist should be almost as good as the winner. This does not bode well.
Re: (Score:2)
“Our attack exploits the existence of a small non-scalar endomorphism on the starting curve, and it also relies on the auxiliary torsion point information that Alice and Bob share during the protocol.”
That's beyond my ability.
Re: (Score:3)
Re: (Score:2)
Nice reference! Entertaining and insightful _and_ from a well-known and respected expert.
Sneakers (Score:2)
Too many secrets
You have to keep this in mind (Score:3, Insightful)
Re: (Score:3)
As I note above, this is just a paper about a method for using an American quantum computer. If you had the hundreds of thousands of dollars buying time on a research quantum computer requires, you could run the algorithm they present in the paper yourself. It's pretty reproducible. You know, if you can read Chinese.
Not sure what fraud is possible in this scenario.
Re: (Score:2)
I'd imagine that the price would be a higher obstacle than the language. Much higher.
It's pretty reproducible.
So, you know Chinese. Hiring you will be cheaper than leasing the quantum computer, no? Problem solved (if I had the money).
Re: (Score:2)
Mod parent up. If this discovery was of any value, we wouldn't have heard about it.
Re: (Score:2)
It makes complete sense if the goal is to urge people to move to post-quantum encryption, or to sell post-quantum encryption.
Western scientists and cryptographers have been making similar warnings.
what? (Score:3)
"Military grade".
Any time you see that, rest assured the author is completely clueless, unless the phrase is in scare quotes.
Re: (Score:2)
or used the word plutonium, or describing back to the future movies.
Re: what? (Score:3)
Re: (Score:2)
AES is used all over the place including the military and is the recommended standard encryption for many military use cases. So if the military is specifying that their communications products should use it, then how would that not be military grade?
Re: what? (Score:2)
Re: (Score:2)
When I see "military grade X", I like to swap in "military grade jock strap" or "military grade bra", it adds a sense of gravity to the pronouncement.
Re: (Score:2)
Not only did their attack fail, they're not even attacking AES. They're attacking simplified algorithms that they consider the "representative" of the "foundation" of AES.
FUD (Score:2)
Re: (Score:2)
I'm ignorant here. Do you have any supporting info?
Re: (Score:2)
Also, the D-Wave is not actually a "Quantum Computer".
Re: (Score:2)
Gee, thanks, Dad.
Maybe if you make a claim, you can back it up. I'm asking OP to back up his claim. OP made a claim without evidence. Where is the evidence for the claim?
Re: (Score:2)
Where is the evidence for the claim?
1. Internet comments are not scientific papers
2. Don't claim to be so credulous of internet comments that you're going to weigh their truth based on evidence that they claim. Purported evidence provided by the same person making a claim has no value in understanding an issue, or weighing the truth of a claim. If you can't determine for yourself, using trusted sources, if a claim is true or false, then you will never know.
Also, Son, stop listening to your dad. He's also not a trusted source.
Re: (Score:2)
Symmetric encryption is not thought to be particularly vulnerable to quantum attacks.
Re: (Score:2)
Difficult paper to find (Score:5, Informative)
Re: (Score:2, Informative)
Re: (Score:3)
Re: (Score:2)
"closer than ever before" = "still not close" (Score:2)
This is just a small, incremental step and not anything to worry about.
Caesar Cypher is Roman military grade. (Score:2)
Prove it (Score:2)
Somebody needs to set up a challenge machine with a prize for successfully hacking it. Something substantial like "we'll extract you from the country, set you up on a private island with excellent security" and the challenger has to prove that they used quantum computing to do it.
Re: (Score:3)
That prize already exists: You'll be swiftly extracted, and be transported immediately to a private island. Its excellent security is a consequence of your unmarked grave.
Re: (Score:2)
the challenger has to prove that they used quantum computing to do it.
This condition should be removed. "Using" quantum computing could mean anything, even doing something small and unnecessary for the task. Crack it using whatever you want.