this post was submitted on 28 Oct 2025
107 points (90.8% liked)

Technology

75756 readers
3729 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
107
Quantum Attacks on encryption will probably be feasible by 2030 (www.youtube.com)
submitted 3 days ago* (last edited 3 days ago) by wuffah@lemmy.world to c/technology@lemmy.world
20 comments fedilink hide all child comments
 

DEF CON 33 - Post Quantum Panic: When Will the Cracking Begin, & Can We Detect it? - K Karagiannis

Due to recently published algorithmic improvements (1399 qubits @ 2048 bit key length for Shor's) and leaps being made in quantum computing hardware (IBM Starling @ 200 logical qubits in 2029, and IBM Blue Jay @ 2000 logical quibits from 2033 and on), encryption is in danger of State-sponsored and high end-criminal attacks as soon as 2030. Particularly susceptible are crypto-currencies like Bitcoin, which rely on the Elliptic Curve Discrete Logarithm Problem (ECDLP) and are attackable by Shor's factoring capability on a predictably feasible quantum computer.

you are viewing a single comment's thread
view the rest of the comments
[–] vacuumflower@lemmy.sdf.org 3 points 3 days ago (1 children)

... Which is why we all should immediately switch to post-quantum encryption possibly much weaker against conventional cryptanalysis. Thank you, NIST, NSA and other such respectable official bodies. Of course I believe you.

In general the whole "everyone should use standard state-of-the-art cryptography" turned out to be a con. And somehow the more "standard state-of-the-art" things were broken, the more was the confidence that they are what should be used. In the 90s "standard state-of-the-art" things were being broken casually, and non-standardized ciphers were made and used far more often than now, and somehow that was fine.

I dunno, we're all using AES with even hardware implementations of it, potentially backdoored, and with approved recommended S-boxes, without explanation how were these chosen ("by the criteria of peace on earth and goodwill toward men" is not an explanation, a mathematical paper consisting of actions you repeat and unambiguously get the same set would be that).

I think if you are afraid of your cryptography rotting, embracing some pluralism outside of cryptography is what you should do. Like maybe partitioning (by bits, not splitting into meaningful portions god forbid) the compressed data and encrypting partitions with different algorithms (one AES, one Kuznetchik, one something elliptic, one something Chinese).

[–] sefra1@lemmy.zip 2 points 3 days ago (1 children)

... Which is why we all should immediately switch to post-quantum encryption possibly much weaker against conventional cryptanalysis.

There's no need to switch, you can just layer it, and should be done asap

[–] vacuumflower@lemmy.sdf.org 1 points 2 days ago

I was being sarcastic. An if you are layering it, you better use a different secret.