
Re: [tor-talk] NSA supercomputer

Anthony Papillion wrote:
. Granted, quantum computing
will shred most (all?) of the ciphers we currently use.

Which actually is a bit sad, cause RSA appears to be replaceable by lattice-based cryptography:


As the article says, though, one needs to choose one of two drawbacks here, performance or proven(!) security. They are interesting, cause they are not NP-Hard and still can't be attacked by today's knowledge. There is at least one alternative that is hard for quantum computers and in fact is NP-Hard, which is the McEliece cryptosystem. However it has properties that appear to basically render it insecure.

One has to also keep in mind that the symmetric algorithm has to be fast enough. I don't know - or better said, I didn't find - anything about this topic yet. In general one shouldn't forget that the attacker can always "simply" use the weaker cipher and currently it really seems to be AES, because it's harder to know about its properties, being not simply based on prime numbers. Also there are a number of attacks on it now, some of them that maybe someone could find out about how they can be used correctly.

But still, the chances of finding an attack against an application that reveals the plaintext in some way is something that's a way more likely threat and attacks against applications are something that constantly happens. Bad behavior, timing attacks, etc. are a way more realistic attack vector. And hey, they can try to figure out who sends traffic that is encrypted and appears in certain intervals, etc. making them look suspicious and visit them. That's where Tor outperforms stuff like VPN that is easier to analyze it seems, cause all they do is encrypting traffic.

I hope someone finds some flaws in this and tells me, cause I wanna know whether I am right about all this.
tor-talk mailing list