Contrary to what a team of Chinese researchers recently claimed, the RSA encryption system is not about to be rendered obsolete by the quantum computer. And the researchers behind the counter-study remind us that the quantum threat should not make us forget the other attacks.
Three weeks ago, a team of Chinese researchers affirmed than the RSA, a fundamental brick of our digital security, could be broken by a quantum system of only 372 qbits. The problem being that this raw quantum power is on our doorstep, since a player like IBM has just announced the first 433 qbit processor and promises 10,000 qbits by 2026. The threat is significant, because the Chinese researchers were talking about a 2048-bit security key, the same level of protection that is used for key exchange.
However, the wave of panic did not take hold among security researchers. During the Enigma 2023 conference held on Tuesday January 24 in the Californian city of Santa Clara (suburb of San Francisco), several specialists refuted these announcements. Including Simson Garfinkel, great specialist in security issues, former NIST. Who has crushed quantum computers by declaring them above all good “ to have papers published in prestigious journals “or even just” good enough to receive funding “.
Read also: IBM took 20 years to protect us from a quantum threat that doesn’t yet exist (July 2022)
And the researchers to present their demonstration invalidating the Chinese research work. All with the support of colleagues working in the quantum field, such as the director of the center for quantum information at the University of Austin in Texas, Scott Aaronson. Who qualifies the Chinese scientific paper as ” one of the most misleading articles I’ve read on quantum computing in 25 years, and I’ve seen… plenty “. A point of view shared by the technological company Fujitsu which abounded in the direction of the detractors of the Chinese article, arguing that it would rather be a machine not of 372 qbits, but a titan of 10,000 qbits with (especially!) 2 .23 trillion (trillion) quantum gates with an (efficient!) error correction system… And working full time for 104 days.
If the discussion is still open as to the power needed to break this famous encryption algorithm, whether quantum computers will manage to increase in power and adapt to this kind of problem, for security researchers, the problem is elsewhere.
Dealing with current threats and strengthening the existing ones
By mentioning the capacities of quantum computers to occupy the foreground of the news and to reap generous funding, security researchers are above all concerned about the urgency of guarding against conventional attacks. And highlight the way in which this kind of problem is handled, namely to base computer security on a single algorithm. No more than focusing on a still distant threat. In this case, the famous Shor’s algorithm which would allow, if a sufficiently powerful quantum computer is developed, to shatter the RSA. “ Too many people are focused on Shor’s algorithm, without even considering that RSA might (may be) be easily broken by other factorial attacks performed by classical computers said Mr. Garfinkel.
If the quantum threat is real, researchers like those at IBM – who design the most advanced quantum computers – have developed so-called post-quantum algorithms, designed to prevent future machines from unfolding their power. And again, the researchers caution against putting all the eggs in one basket. ” We must not be satisfied with these post-quantum algorithms (…). We should (rather) use them in parallel with the RSA “, notes Mr. Garfinkel.
Ars-Technica
