[tor-talk] Will Quantum computing be the end of Tor and all Privacy?

Seth David Schoen schoen at eff.org
Mon Nov 28 16:53:50 UTC 2016


Flipchan writes:

> I dont think so, quantum 4times at fast so we just need to generate 4times as strong keys the entropy will just be bigger, But as Long as we are not useing like 56 bit des keys its okey

You're probably thinking of safety of symmetric encryption, where there
is a quadratic speedup from quantum computers.

https://en.wikipedia.org/wiki/Grover's_algorithm

The situation is a lot worse with public-key encryption, where there
is a much bigger speedup

https://en.wikipedia.org/wiki/Shor%27s_algorithm

So experts generally believe that we don't really need new symmetric
encryption algorithms to defend against quantum computers (things like
AES are OK), but we do need new public-key algorithms (things like RSA
are not OK).  This is discussed in the beginning of

https://www.pqcrypto.org/www.springer.com/cda/content/document/cda_downloaddocument/9783540887010-c1.pdf

-- 
Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107


More information about the tor-talk mailing list