Re: [GNUnet-developers] Post-quantum symmetric crypto
From: Jeff Burdges
Subject: Re: [GNUnet-developers] Post-quantum symmetric crypto
Date: Mon, 22 Feb 2016 14:45:58 -0800
On Tue, 2016-02-23 at 00:28 +0300, LRN wrote:
> On 22.02.2016 23:14, Jeff Burdges wrote:
> >
> > Symmetric crypto might start worrying more about being post-quantum
> > soon : http://arxiv.org/abs/1602.05973
>
> There was a presentation about post-quantum crypto at 32c3[1], they
> even have a website[2].
>
> [1] https://media.ccc.de/v/32c3-7210-pqchacks
> [2] http://pqcrypto.org
>
Yes, I always love their talks. :)
1602.05973 was submitted just four days ago. It claims:
"This is the first exponential speed up of a classical symmetric
cryptanalysis technique in the quantum model"
It potentially reduces the query complexity for some symmetric cyphers
from O(2^{n/2}) to O(n) in a quantum setting. It's still nowhere near
as bad as the O(1) query complexity of Shor's algorithm, so no
immediate concerns but maybe some adjustments to future cypher choices.
In particular, if HHFHFH?? by DJB et al. were less vulnerable than
AEZ then that's interesting.
In addition to cypher choice, it might make nonce size and use more
important, or increase the value of larger block sizes or rotating keys
faster.
Jeff
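As an added illustration of the last point (not part of the thread, and not GNUnet code): the classical birthday bound that sets how many blocks a single key should see, and how many random nonces of a given size can be used, before a collision becomes likely. The 2^-32 collision target is an assumed policy value, not one from the message.

```python
import math


def birthday_budget(bits: int, max_prob: float) -> int:
    """Largest number of samples q drawn uniformly from a space of 2**bits
    values such that the probability that any two collide stays <= max_prob.
    Uses the standard approximation Pr[collision] ~= q**2 / 2**(bits + 1)."""
    if bits <= 0 or not (0.0 < max_prob <= 1.0):
        raise ValueError("bits must be positive and 0 < max_prob <= 1")
    # Solve q**2 / 2**(bits + 1) <= max_prob for q, rounding down.
    return math.isqrt(int(max_prob * 2 ** (bits + 1)))


def key_rotation_bytes(block_bits: int, max_prob: float = 2.0 ** -32) -> int:
    """Bytes that may be encrypted under one key in a block-cipher mode whose
    security degrades at the block-collision (birthday) bound, before the
    collision probability exceeds max_prob (assumed policy: 2**-32).
    A larger block size raises this limit; rotating keys sooner lowers the
    amount of data exposed if the bound is reached."""
    return birthday_budget(block_bits, max_prob) * (block_bits // 8)


def random_nonce_messages(nonce_bits: int, max_prob: float = 2.0 ** -32) -> int:
    """Messages that may be sent with uniformly random nonces of nonce_bits
    under one key before the probability of a nonce reuse exceeds max_prob."""
    return birthday_budget(nonce_bits, max_prob)


if __name__ == "__main__":
    for block_bits in (64, 128, 256):
        print(f"{block_bits}-bit blocks: rotate key after "
              f"{key_rotation_bytes(block_bits):,} bytes")
    for nonce_bits in (64, 96, 192):
        print(f"{nonce_bits}-bit random nonces: at most "
              f"{random_nonce_messages(nonce_bits):,} messages per key")
```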