The Yang 2020 post-quantum policy here: https://www.yang2020.com/policies/quantum-computing/
is, unfortunately, a little incorrect. Facts are wrong. AES-256 will be slightly weakened by remains strong in a post-quantum world in the medium term. Exhaustive search will still be required making AES weaker but resistant. RSA and elliptic curve public key encryption will break with larger bit post-quantum computing, still quite a few years away but seemingly inevitable. Most banking, https, etc. will be compromised. Another example, bitcoin hashes (history) safe (SHA256x2) but bitcoin tx's (coin theft) at risk (public key).
The #yanggang concern is well placed. Perhaps even more urgent than the recent quantum breakthrough suggests. This is due to the ability to decode older stored ciphertext as the US did with old Soviet Verona cyphers after capture. No one wants all their old messages/passwds/transactions/texts being viewed. Privacy concerns are not just forward-looking; they need to be retrospective. It is perhaps already too late in some regards. I'd imagine it may be expressed similar to the Yang climate policy: "it is worse than you think" ;-)
There are many good alternatives already for post-quantum encryption. The policy platform should be a nod to pushing that forward and hasten the existing NIST process, including defining private company requirements for data in flight and at rest. That is, plant the tree now as it should have been planted twenty years ago.
Post-quantum at NIST FYI: https://www.nist.gov/news-events/news/2019/01/nist-reveals-26-algorithms-advancing-post-quantum-crypto-semifinals
Please fix the policy. It is well-intended but naive.
There are Yang policies I disagree with, but the platform overall seems pretty terrific to my simple self. This policy is just erroneous in presentation and needs some fairly minor tweaks to prevent some technical embarrassment.
No comments:
Post a Comment