## 1978 Cryptosystem Resists Quantum Attack 185

KentuckyFC writes

*"In 1978, the CalTech mathematician Robert McEliece developed a cryptosystem based on the (then) new idea of using asymmetric mathematical functions to create different keys for encrypting and decrypting information. The security of these systems relies on mathematical steps that are easy to make in one direction but hard to do in the other. Today, popular encryption systems such as the RSA algorithm use exactly this idea. But in 1994, the mathematician Peter Shor dreamt up a quantum algorithm that could factorise much faster than any classical counterpart and so can break these codes. As soon as the first decent-sized quantum computer is switched on, these codes will become breakable. Since then, cryptographers have been hunting for encryption systems that will be safe in the post quantum world. Now a group of mathematicians have shown that the McEliece encryption system is safe against attack by Shor's algorithm and all other known quantum algorithms. That's because it does not depend on factorisation but gets its security from another asymmetric conundrum known as the hidden subgroup problem which they show is immune to all known quantum attacks."*
## Re:Timeless saying applies here... (Score:3, Insightful)

> If it can be engineered, it can be reverse-engineered.

How does that apply to this article, in any way?

## Re:Timeless saying applies here... (Score:5, Insightful)

If it can be engineered, it can be reverse-engineered.That only works for "security through obscurity" type of problems. A good encryption should not be "solvable" - it must be brute forced. The question is how expensive the brute force method is in processing power and time.

## Re:Timeless saying applies here... (Score:5, Insightful)

It doesn't apply to this article. The way that one typically breaks a cryptosystem is not by reverse engineering (which is not even meaningful here, given that the algorithm is already completely open), but by finding a clever new way to solve the mathematics underlying the system using less information than the designers of the system had thought was needed.

## Re:conspiracy theory (Score:5, Insightful)

Simplistically:

If THEY bought out 50% of the researchers in the field, without arousing suspicion amongst those who turned down the offer, THEY would only have a 50% chance of having one first.

More realistically,

If THEY bought out a significant percentage of the researchers in the field, without arousing suspicion amongst those who turned down the offer, THEY would likely only be a few months / years (at best) ahead.

And since the outlook on the QC front is rather bleak (in terms of a functional QC with any real power) the odds are strongly in favor of THEY not having squat.

Especially in today's world it isn't like top researchers are fragmented and isolated. In the past it was possible for a governmental organization to use its greater vision to collect isolated researchers and be the first to introduce them to each other, magnifying their individual efforts. Today everybody who is anybody in these fields is

at leastaware of the others, if not following closely.## Re:Timeless saying applies here... (Score:5, Insightful)

## Re:conspiracy theory (Score:3, Insightful)

## Re:New assymetric algorithms needed? (Score:3, Insightful)

What you're describing is a NP-complete problem -- assuming P != BQP != NP. But I'm guessing that you already know that :)

Still, it's still very hard to build a cryptosystem that exploits the hardness of solving NP-complete problems. The main problem is, NP-completeness only guarantees that

someinstance of the problem is hard, it says nothing about a specific instance. So, for instance, if you have a specific 3-SAT formula, there's no guarantee someone can't come up with a solution for it in polynomial time.That being said, there are some candidates for a cryptosystem based on NP-completeness. Check for example the McEliece cryptosystem [wikipedia.org].

## Re:Timeless saying applies here... (Score:1, Insightful)

This exchange is illustrated here:

http://imgs.xkcd.com/comics/security.png