# 1978 Cryptosystem Resists Quantum Attack

#### KentuckyFC (1144503) writes | more than 3 years ago

KentuckyFC (1144503) writes *"In 1978, the Caltech mathematician Robert McEliece developed a cryptosystem based on the (then) new idea of using asymmetric mathematical functions to create different keys for encrypting and decrypting information. The security of these systems relies on mathematical steps that are easy to make in one direction but hard to do in the other. The most famous example is multiplication. It is easy to multiply two numbers together to get a third but hard to start with the third number and work out which two generated it, a process called factorisation. Today, popular encryption systems such as the RSA algorithm use exactly this idea. But in 1994, the mathematician Peter Shor dreamt up a quantum algorithm that could factorise much faster than any classical counterpart and so can break these codes. As soon as the first decent-sized quantum computer is switched on, these codes will become breakable. Since then, cryptographers have been hunting for encryption systems that will be safe in the post-quantum world. Now a group of mathematicians have shown that the McEliece encryption system is safe against attack by Shor's algorithm and all other known quantum algorithms. That's because it does not depend on factorisation but gets its security from another asymmetric conundrum known as the hidden subgroup problem which they show is immune to all known quantum attacks (although the work says nothing about its safety against new quantum (or classical) attacks)."*

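The summary above describes McEliece only as "asymmetric" without saying what the one-way step is. Concretely, the private key is an error-correcting code that its owner can decode efficiently; the public key is the code's generator matrix disguised by a secret invertible scrambler S and a secret column permutation P; the sender adds t deliberate bit errors, and only the holder of S and P can strip the disguise and correct them. The following toy implementation is an added example, not code from the submission or from the paper it reports on; it stands in for the Goppa code of real McEliece with a Hamming(7,4) code that corrects a single error (t = 1), so the parameters are far too small to be secure and serve only to show the mechanics. The matrices G and H, the seed and the sample message are all constructed here.

```python
import random

K, N = 4, 7          # message length k, codeword length n
T = 1                # Hamming(7,4) corrects exactly one bit error (t = 1)

# Systematic generator matrix G = [I_4 | A] of the Hamming(7,4) code (constructed)
G = [
    [1, 0, 0, 0, 1, 1, 0],
    [0, 1, 0, 0, 1, 0, 1],
    [0, 0, 1, 0, 0, 1, 1],
    [0, 0, 0, 1, 1, 1, 1],
]
# Parity-check matrix H = [A^T | I_3]: every column is distinct and non-zero,
# so the syndrome of a single-bit error identifies the flipped position.
H = [
    [1, 1, 0, 1, 1, 0, 0],
    [1, 0, 1, 1, 0, 1, 0],
    [0, 1, 1, 1, 0, 0, 1],
]


def vec_mat(v, M):
    """Row vector times matrix over GF(2)."""
    return [sum(v[i] & M[i][j] for i in range(len(v))) % 2 for j in range(len(M[0]))]


def mat_mul(A, B):
    return [vec_mat(row, B) for row in A]


def gf2_inverse(M):
    """Gauss-Jordan inversion over GF(2); returns None if M is singular."""
    n = len(M)
    aug = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(M)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col]), None)
        if pivot is None:
            return None
        aug[col], aug[pivot] = aug[pivot], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = [a ^ b for a, b in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def permute(v, perm):
    """Column permutation: output position j takes input position perm[j]."""
    return [v[perm[j]] for j in range(len(v))]


def keygen(rng):
    """Private key: scrambler inverse and permutation inverse. Public key: G_pub = S*G*P."""
    while True:                      # draw S until it is invertible
        S = [[rng.randint(0, 1) for _ in range(K)] for _ in range(K)]
        S_inv = gf2_inverse(S)
        if S_inv is not None:
            break
    perm = list(range(N))
    rng.shuffle(perm)
    inv_perm = [0] * N
    for j, p in enumerate(perm):
        inv_perm[p] = j
    G_pub = [permute(row, perm) for row in mat_mul(S, G)]
    return G_pub, (S_inv, inv_perm)


def encrypt(G_pub, m, rng):
    """c = m*G_pub + e, where e is a random error vector of weight T."""
    c = vec_mat(m, G_pub)
    c[rng.randrange(N)] ^= 1         # T = 1 deliberate bit error
    return c


def correct_one_error(word):
    """Syndrome decoding: flip the bit whose H column equals the syndrome."""
    syndrome = [sum(H[i][j] & word[j] for j in range(N)) % 2 for i in range(N - K)]
    if any(syndrome):
        columns = [[H[i][j] for i in range(N - K)] for j in range(N)]
        word = word[:]
        word[columns.index(syndrome)] ^= 1
    return word


def decrypt(sk, c):
    S_inv, inv_perm = sk
    codeword = correct_one_error(permute(c, inv_perm))   # undo P, then correct the error
    m_scrambled = codeword[:K]                           # G is systematic: first k bits are m*S
    return vec_mat(m_scrambled, S_inv)                   # undo S


def roundtrip(seed, m):
    rng = random.Random(seed)
    pk, sk = keygen(rng)
    return decrypt(sk, encrypt(pk, m, rng))


if __name__ == "__main__":
    msg = [1, 0, 1, 1]
    print("original:", msg, "recovered:", roundtrip(2024, msg))
```

The trapdoor is visible in `decrypt`: without `inv_perm` and `S_inv`, an observer holds only the scrambled matrix `G_pub` and a ciphertext with an unknown error pattern, which is the decoding problem for a random-looking linear code; with them, decryption reduces to the easy syndrome decoding of the known code. Real McEliece uses a binary Goppa code with n in the thousands and t of several dozen, and the same factorisation-free structure is why the quantum attacks discussed in the summary do not apply to it.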

## Ciphertext only attack? (1)

## elucido (870205) | more than 3 years ago | (#33289362)

The problem with most encryption systems isn't that they will be cracked by the ciphertext alone. It's that it will be cracked by other means. Alice might be able to communicate with Bob, but it does not protect them from Eve. Basically the security of any cryptosystem is limited by the physical security of Alice and Bob, which will not be very strong except in situations where a state is physically securing Alice and Bob. And while this may protect Alice and Bob from the rubber-hose attack, and while a strong cipher may protect Alice and Bob from a ciphertext-only attack, it does not protect them from Eve. Enigma is very secure for example, but with bugs in the system and other types of creative lines of attack it's impossible to even securely use Enigma. This means theoretically secure is not the same as being secure in practice, as none of these cryptosystems are secure in practice.

What these systems must be is strong enough that ordinary individuals will not be able to crack it with the ciphertext only. It must be robust enough to protect against man-in-the-middle attacks. Whether or not it protects from quantum attacks at this time is irrelevant, because anybody who has the money and expertise to launch a quantum attack could probably use other attacks along with it. The day when quantum computers become mainstream or consumer-based, that is the day when RSA factoring-based encryption will be obsolete. When that happens there are other algorithms, and I do not believe any of these algorithms will make that much of a difference for the consumer, who probably will protect themselves with a weak password on Windows 7/8. Banks probably can use quantum encryption, so once again this is moot.