No, the Chinese Have Not Broken Modern Encryption Systems with a Quantum Computer

The headline is pretty scary: “China’s Quantum Computer Scientists Crack Military-Grade Encryption.”

No, it’s not true.

This debunking saved me the trouble of writing one. It all seems to have come from this news article, which wasn’t bad but was taken wildly out of proportion.

Cryptography is safe, and will be for a long time.

EDITED TO ADD (11/3): Really good explainer from Dan Goodin.

Posted on October 22, 2024 at 7:03 AM • 11 Comments

Comments

Who? October 22, 2024 9:48 AM

My background in theoretical physics (named “fundamental physics” at my University) makes it clear to me that, even if sending information a few microseconds to the past is possible following the rules of the quantum mechanics, turning into a possibility starting the next iteration of an algorithm before the previous one ends, each iteration consumes a certain amount of energy.

Even if quantum computers are able to run computations that would require thousands of years on a classical counterpart, the amount of energy required to fulfill this process will be prohibitively high.

I know, some people on this forum have talked about the possibility of running those quantum computers connected to their own nuclear power plants (something I do not doubt is a possibility for an intelligence agency), but even in this case we need to provide that huge amount of energy required to complete the decryption process on a short time period. No, it is not feasible with our current technology and, even if it were, breaking a single cryptographic secret will be incredibly expensive so, at best, we can expect highly targeted attacks using these quantum computers.

I agree with Bruce, we are far away from achieving this goal and, even in this case, we are doing research on quantum-resistant encryption algorithms right now. As this technology evolves, we will see how these quantum-resistant counterparts survive but right now it seems we have an answer to a problem that does not exist yet.

SevenKeys October 22, 2024 10:21 AM

Unless they deliberately “leaked” this information to lull us into a false sense of security, that our RSA/AES are a long way from being broken.

iAPX October 22, 2024 3:14 PM

From the debunking article:

While factoring a 50-bit integer is an impressive technical achievement..

The worst case is 16 million divisions (24-bit) to factor a 50-bit integer (yes after 2 you don’t try any even number), and that is something that takes around a millisecond for mass-marketed modern 64-bit CPUs accounting for multicore and vector units.
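The division count discussed in the comment above, as an added example that is not part of the original post or its comments: C trial division (2, then odd candidates only) run on a constructed 50-bit modulus whose two prime factors both sit just below 2^25, which is the worst case for this method. All function names and the test modulus are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Primality by trial division; only used to build the constructed modulus. */
static int is_prime(uint64_t n) {
    if (n < 2) return 0;
    if (n % 2 == 0) return n == 2;
    for (uint64_t d = 3; d * d <= n; d += 2)
        if (n % d == 0) return 0;
    return 1;
}

/* Largest prime strictly below n (caller passes n > 3). */
uint64_t prev_prime(uint64_t n) {
    do { n--; } while (!is_prime(n));
    return n;
}

/* Smallest prime factor of n: try 2, then odd candidates up to sqrt(n).
   *divisions receives the number of trial divisions performed. */
uint64_t smallest_factor(uint64_t n, uint64_t *divisions) {
    *divisions = 1;                 /* the division by 2 */
    if (n % 2 == 0) return 2;
    for (uint64_t d = 3; d * d <= n; d += 2) {
        (*divisions)++;
        if (n % d == 0) return d;
    }
    return n;                       /* no factor found: n is prime */
}

/* Constructed worst case: product of the two largest primes below 2^25,
   so both factors are just under sqrt(n) and n is a 50-bit integer. */
uint64_t worst_case_modulus(void) {
    uint64_t p = prev_prime(UINT64_C(1) << 25);
    uint64_t q = prev_prime(p);
    return p * q;
}

int bit_length(uint64_t n) {
    int bits = 0;
    while (n) { bits++; n >>= 1; }
    return bits;
}

int main(void) {
    uint64_t divisions, n = worst_case_modulus();
    uint64_t f = smallest_factor(n, &divisions);
    printf("n = %llu (%d bits) = %llu * %llu after %llu divisions\n",
           (unsigned long long)n, bit_length(n), (unsigned long long)f,
           (unsigned long long)(n / f), (unsigned long long)divisions);
    return 0;
}
```
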

Clive Robinson October 23, 2024 4:22 AM

@ SevenKeys,

“Unless they deliberately “leaked” this information to lull us into a false sense of security, that our RSA/AES are a long way from being broken.”

You are only thinking of time going in one direction, with information that has no mass or energy thus no forensic footprint it’s different.

Think of a digitally signed contract for like a land lease etc. That is a contract that could be valid for a thousand or more years (there is one in Ireland for longer with a well known brewery). Traditionally such contracts are protected by being registered and copies kept with an impartial agent (such as a Gov Land Registry). However impartial agents cost significant money to run and have all sorts of issues with “historic document preservation”. Modern neo-con arguments are that this is inefficient and should be replaced with something less expensive (even if one heck of a lot less secure).

As long as the “secret key” remains secret the contract should be not just “unalterable” but “verifiable” as well.

Now imagine that you can find the secret key from the public key in less than fifty years. This in effect puts an “end of life” on all contracts at between seven to fifty years.

After that you can no longer trust the digital signed contract as being original thus accurate…

Traditional paper or vellum contracts at least have forensics that can assist in authenticating their age and provenance, digital information does not.

It’s an argument “Blockchain” people like, but when you consider the power consumption of a blockchain then the cost can be a lot higher than expected and not even realistically secure either. Because what ails PubKey systems with QC also has an effect on anything else based on “One Way Functions”(OWFs).

Clive Robinson October 23, 2024 8:06 AM

@ LXE,

Re : Forbes Factoring Primes

The article does say,

“Its security relies on the computational difficulty of factoring large prime numbers—a task that is feasible for small numbers but becomes exponentially harder as the numbers grow larger.”

I guess the question is,

“Did the author not have knowledge or was say a word edited out?”

Editors in mainly non technical media are known to just pull out or substitute words with no regard to the actual knowledge domain.

So “the product of” could have been edited out / removed after the word “factoring”.

But a look at the author info gives,

“Craig S. Smith, Eye on AI host and former NYT writer, covers AI.”

Hmm odd, so a little further digging gives,

“Craig holds undergraduate and graduate degrees from Columbia University.”

But does not say what in… So time to sing the Dwarf Work Song of

“We dig dig dig, We dig dig dig, We dig the whole day long.”

And on WikiWand we find,

“Smith received his undergraduate degree from Columbia University in 1979 with a joint major in English literature and a master’s in Western philosophy. He also earned a master’s degree from the Columbia University Graduate School of Journalism in 1987. His father was an assistant general counsel of IBM.”

So neither maths nor science. But a little further clicking tells us his Father in Law was also at IBM and is a Nobel Prize winner.

And a further search out on what he has written is filled with a quick look on “Muck Rack”. Which shows he has an entry with a lot of AI articles over the past four years,

https://muckrack.com/craigss/articles

Apparently he is also CEO of the podcast Eye on AI and spent his working life in mostly non science/tech journalism. Oh and wants to be thought of as an entrepreneur.

Who? October 23, 2024 12:49 PM

I ask myself… would China (or any other country) announce they have the ability to break military-grade encryption if they really can do it? I doubt it, better keeping it secret while listening to communications (e.g. see what happened when Enigma was broken during WWII).

Z.Lozinski October 23, 2024 7:42 PM

@Bruce,

The hype, about every eight months, is a distraction. We need to transition to the new NIST standards for Post Quantum Cryptographic (PQC) algorithms (FIPS-203, FIPS-204 and FIPS-205). The last thing we need is irrational panic. We need well thought out plans.

@Who?

IBM Research has built and deployed over 70 quantum computers since 2015. In our experience they don’t need nuclear power plants. There are two requirements for energy in a superconducting transmon quantum computer. (Other designs of quantum computer [“modalities” in the trade] are available e.g. trapped ion, diamond vacancy etc.) First, the Dilution Refrigerator, which cools the processor from room temperature (293K) to 10-15mK. The golden chandelier you see in the widely published pictures is inside the fridge. Second, the Room Temperature Electronics (RTE), these interact with the individual qubits by sending microwave pulses to the processor and processing the response. Think a few 10s of KW for a quantum computer not the 10s of MW of a hyperscale datacenter.

disclaimer: this is where I work ..

Clive Robinson October 24, 2024 5:12 PM

@ Who?

Re : Encryption v encryption.

You ask,

“[W]ould China (or any other country) announce they have the ability to break military-grade encryption if they really can do it?”

The answer is actually quite interesting.

In essence there are three types of Pre “Post-Quantum Computing”(PQC) encryption systems,

1, Systems using genuinely nondeterministic keys as long as the message that should –if used correctly– have “Perfect Secrecy”.

2, Symmetrically keyed systems that use relatively short (say 256bit) keys that “Quantum Computing”(QC) does not have significant effects against (basically doubling of key length).

3, Pre QC Asymmetric keyed systems that use large key sizes (8Kbits and up pre Quantum Computing).

The question then becomes one of what the types are used for.

The “perfect secrecy” type systems are usually simple to use need little more than a pencil and box of matches along with what is often called the “One Time Pad”. The downside is also the upside, in that the amount of “Key-Material”(KeyMat) is the same or more as the message length. Thus in military and some commercial use they do get used for “Engineering Order Wire”(EOW) use. One such is emergency key transfer to bring “Asymmetric Systems” back up after a critical event such as power failure or “bug out”.

The military in many places favour Asymmetric Crypto systems because they have many advantages. One such is sending null traffic to reduce the effects of enemy “traffic analysis”.

Apart from the US, Asymmetric Systems tend to be avoided by many diplomatic, military, and certain major commercial systems, where symmetric systems are trusted and thus favoured.

However Asymmetric Systems are what the “Internet Economy” can not run without, and that is a major problem.

Consider the US and China usage of electronic communications and the Internet…

The entire US economy needs the Asymmetric Systems to function in all but a very minor handful of financial systems.

Back when the “Obama Big Red Off Button” was touted it quickly became clear the US would very probably die in at most 30days without the Internet… Various “minor” effects on the Internet since has shown this not to be a “hypothetical danger” where some one had their maths wrong.

China still has communications systems that are separate to the Internet for good reason. Although China would be affected by the Internet becoming stopped, China’s entire Internet design is one where “secrecy” is actively worked against by the government for “Political Control” and Surveillance reasons (hence the separate communications systems and research into “Quantum Crypto” which has “Perfect Secrecy” via the current accepted laws of physics).

Quantum Computing if it happens in a short period of time is going to hurt the US way way more than China. Even the threat of it has a way more significant “Chilling Effect” on the US and the West than China.

So as far as “economic warfare” is concerned Quantum Computing is the equivalent of a high yield fusion bomb for the US and West. But to China little more than limited range field artillery. That is it is “Very Asymmetric In Use”.

Interestingly though, the original paper is not hype or propaganda. That was done by a certain MSM outlet that aims at the US and West in its reporting, and this would not be its first “Chicken Little” type piece.

Do the US and the West need to reduce their reliance on the Internet? The obvious answer is “yes”. But then neo-con mantra is such that dependence on the Internet will be increased in just about every way possible and,

“Security of nation, economy, and citizens be damned…”

Clive Robinson October 31, 2024 8:59 PM

@ Folks,

On rereading my above comment I found,

“The military in many places favour Asymmetric Crypto systems because they have many advantages.”

It should say “Symmetric Crypto” not “Asymmetric Crypto”.

I suspect “fat finger syndrome” snuck in…
