Cheraw Chronicle

Complete News World

NIST Creates Encryption Algorithms That Can Withstand Quantum Computers

MD5 and SHA1 are not encryption methods, they are hashes. The purpose of hashing is not to output data again, but to throw the same data through the algorithm again and get the same result. There is no way around this problem at the moment, but computers are fast enough that with the help of it you can get effective brute force, and things like rainbow tables have reduced the amount of processing power required for simple hashes.

When you talk about encryption, you’re likely talking about things like AES, elliptic curves, or RSA.

The problem we have is that we know that most asymmetric encryption can be easily broken once we have a powerful enough quantum computer. It’s not “if,” it’s “when,” even if the “when” could be 30 years in the future. Now, AES, if all goes well, is securely protected against this, but asymmetric encryption is typically used to format the AES key; AES doesn’t need to be cracked as long as you can crack the key assignment. This is different from DES, for example, where the Americans shortened the key to 56 bits so that it wasn’t strong enough to be unbreakable. 3DES improved this a bit (112-bit keys), but because the block size is so small, you can attack the key after capturing three-quarters of a terabyte of encrypted data. With AES, the block size is 128 bits, which helps a lot with these types of attacks.

Major governments are currently capturing and storing a lot of data (also encrypted) for unknown reasons. The suspicion is that these authorities are waiting until they have the necessary cracking hardware so that they can see all the traffic years later. Good for arresting terrorists and murderers, less useful for arresting activists, politicians and whistleblowers.

See also  Ghent has a new 'unicorn': a company that makes ordering food online easy (Ghent)

Post-quantum cryptography has been under consideration for many years; it has been there on time and has taken the time to get it right. The technology behind it is not new or modern, precisely because it is not easy to change cryptographic mechanisms without the necessary trust.

If you don’t trust them, you can choose these types of parameters yourself in most encryption programs. Disable the new parameters in your program/browser/server, and you won’t have any problems.

[Reactie gewijzigd door GertMenkel op 16 augustus 2024 11:56]