China to launch unhackable quantum messaging service

[Nefertiti]

Consumer quantum means the power to encrypt would be on the user side. CIA can snoop on you now because all the power is with the service provider presently. There is no encryption democracy - which is what mass availability means.

But that is quite a separate matter from whether the computing is quantum or conventional.  Quantum computing won't change won't change which the "side" on which the encryption is done if service providers insist on a particular "side".    As it is now, if users wish to do their own encryption of anything, they can easily do so and with little cost in computing power.     

The most significant aspect of quantum computing in cryptography  is not that it will make encryption of itself easier or more secure or less costly in computing power, but that it will (through enormous computing) make it easier to break most existing cryptosystems.     The other significant aspect is strictly not a computing one: it is that of dealing with eavesdropping on stuff that is being communicated.   The average consumer should have no cryptographic need for a quantum computer ... unless he or she is up to no good.

I could be wrong but I understand the current encryption architecture is restricted by computing power -especially the "side" aspect.

[MOON Ki]

I could be wrong but I understand the current encryption architecture is restricted by computing power -especially the "side" aspect.

Nop.   Even the most secure cryptosystems today require relatively little computing power.    The decryption too requires relatively little computing power, unless one is engaged in some mischief (i.e. doesn't know the relevant keys).    If you are mathematically-minded, I can give you a short description of why that is the case.

[Nefertiti]

I could be wrong but I understand the current encryption architecture is restricted by computing power -especially the "side" aspect.

Nop.   Even the most secure cryptosystems today require relatively little computing power.    The decryption too requires relatively little computing power, unless one is engaged in some mischief (i.e. doesn't know the relevant keys).    If you are mathematically-minded, I can give you a short description of why that is the case.

I am mathematically minded.

[MOON Ki]

I am mathematically minded.

OK.   The algorithms (as in the mathematics of them) of modern cryptosystems are all well-known, because there is in fact no reason to keep them secret; what should be secret are the various parameters in these algorithms.     As an example, the NSA, which has the responsibility for federal communications in the USA,   happily makes public its algorithms, which must be used by federal agencies (and others communicating "secret" stuff with them)---for anything from "routine" classified" to "top secret".   You can find plenty of stuff on the NSA website or even Wikiepdia: https://en.wikipedia.org/wiki/NSA_Suite_B_Cryptography*** (see also the final note on "quantum resistance").    The NSA etc can make such stuff public because the key is in the key.  So to speak.

[***With the prospects of quantum computing, I think it will be a wait-and-see w.r.t. Suite B, which I think is actually very secure. My guess is that the "quantum resistant" algorithms will be just variations on what we have now and will not have any fundamental changes.]

The nice thing about mathematics is that one cannot limit mathematical curiosity or brain-power or knowledge or ...  to some geeks sitting in a dark basement, and in current cryptography that is neither possible, nor necessary, nor helpful.  So then , to the nitty-gritty ...

The best current cryptosystems are based on one of the following:

(a) the difficulty of factoring a composite integer into primes (and even two well-chosen prime factors will do)

(b) the difficulty of computing discrete logarithms over a finite field, always a prime field.  (Strictly, just about about any finite field field will do, but with a prime field it's easy to find primitive roots, quadratic residues, and such-like good stuff.)

(c) the difficulty of computing discrete logarithms on an elliptic curve defined over a finite field, almost-always prime or binary.  (Any kind of finite field will probably do, but these two types are especially handy for computer use.)

[The preceding is a broad generalization, because there are some very good and well-used algorithms that are  primarily based on hashing.   But, again, even those are actually widely-known. Also, many systems that are primarily based on (b) and (c) additionally make use of (a).]

The key point in all of (a) to (c) is that it is a matter of computing power and time: all of the cryptosystems can be broken, but nobody loses sleep over that because current systems cannot do it in an awfully long time. Quantum computing presents very few unhappy prospects with respect to "I'll be long dead by then".   

Let's consider (a): the core of the encryption will consist of the multiplication of two large primes ... not terribly difficult; and the core of the decryption requires knowledge of one of those prime and is very hard if one does not know how to quickly factor arbitrary, large composite integers ...and right now nobody knows how to do that.   If one knows the prime factors, then it is just another multiplication.   There are all sorts of variations on this theme---for example,  those nominally based on the difficulty in being able to determine whether or not a random number is a quadratic residue---but the core of the cryptosystems boil down to the same thing.

I don't know how much you'd like, but most systems in (b) will in fact have (a)  as some basis, and one can in fact interpret "logarithm" in the usual sense, except that the underlying field now is finite and addition and multiplication are defined differently.    And if there is anything confusing about (c), it is in "logarithm", which most people interpret in terms of "powers".

If you are really keen, how about this: I'll give you, in a couple of  paragraphs or so, how to encrypt, in a couple of hours, whatever you have on your computer, in such a way that the CIA, NSA, KGB, MI5, ABC, and XYZ will not get at it for the next 20 years or so.   Unless they successfully torture you or you dog. Nothing to do with computing power or even being clever ... with (c), it's just a matter of choosing some curve and a base point on that curve.   

[Kichwa]

Moon Ki. Not mathematically minded and did not understand much but still found it very interesting and riveting.

I am mathematically minded.

OK.   The algorithms (as in the mathematics of them) of modern cryptosystems are all well-known, because there is in fact no reason to keep them secret; what should be secret are the various parameters in these algorithms.     As an example, the NSA, which has the responsibility for federal communications in the USA,   happily makes public its algorithms, which must be used by federal agencies (and others communicating "secret" stuff with them)---for anything from "routine" classified" to "top secret".   You can find plenty of stuff on the NSA website or even Wikiepdia: https://en.wikipedia.org/wiki/NSA_Suite_B_Cryptography*** (see also the final note on "quantum resistance").    The NSA etc can make such stuff public because the key is in the key.  So to speak.

[***With the prospects of quantum computing, I think it will be a wait-and-see w.r.t. Suite B, which I think is actually very secure. My guess is that the "quantum resistant" algorithms will be just variations on what we have now and will not have any fundamental changes.]

The nice thing about mathematics is that one cannot limit mathematical curiosity or brain-power or knowledge or ...  to some geeks sitting in a dark basement, and in current cryptography that is neither possible, nor necessary, nor helpful.  So then , to the nitty-gritty ...

The best current cryptosystems are based on one of the following:

(a) the difficulty of factoring a composite integer into primes (and even two well-chosen prime factors will do)

(b) the difficulty of computing discrete logarithms over a finite field, always a prime field.  (Strictly, just about about any finite field field will do, but with a prime field it's easy to find primitive roots, quadratic residues, and such-like good stuff.)

(c) the difficulty of computing discrete logarithms on an elliptic curve defined over a finite field, almost-always prime or binary.  (Any kind of finite field will probably do, but these two types are especially handy for computer use.)

[The preceding is a broad generalization, because there are some very good and well-used algorithms that are  primarily based on hashing.   But, again, even those are actually widely-known. Also, many systems that are primarily based on (b) and (c) additionally make use of (a).]

The key point in all of (a) to (c) is that it is a matter of computing power and time: all of the cryptosystems can be broken, but nobody loses sleep over that because current systems cannot do it in an awfully long time. Quantum computing presents very few unhappy prospects with respect to "I'll be long dead by then".   

Let's consider (a): the core of the encryption will consist of the multiplication of two large primes ... not terribly difficult; and the core of the decryption requires knowledge of one of those prime and is very hard if one does not know how to quickly factor arbitrary, large composite integers ...and right now nobody knows how to do that.   If one knows the prime factors, then it is just another multiplication.   There are all sorts of variations on this theme---for example,  those nominally based on the difficulty in being able to determine whether or not a random number is a quadratic residue---but the core of the cryptosystems boil down to the same thing.

I don't know how much you'd like, but most systems in (b) will in fact have (a)  as some basis, and one can in fact interpret "logarithm" in the usual sense, except that the underlying field now is finite and addition and multiplication are defined differently.    And if there is anything confusing about (c), it is in "logarithm", which most people interpret in terms of "powers".

If you are really keen, how about this: I'll give you, in a couple of  paragraphs or so, how to encrypt, in a couple of hours, whatever you have on your computer, in such a way that the CIA, NSA, KGB, MI5, ABC, and XYZ will not get at it for the next 20 years or so.   Unless they successfully torture you or you dog. Nothing to do with computing power or even being clever ... with (c), it's just a matter of choosing some curve and a base point on that curve.   

[Nefertiti]

Interesting stuff. Always suspected these geek types dominate the blogosphere.

If you are really keen, how about this: I'll give you, in a couple of  paragraphs or so, how to encrypt, in a couple of hours, whatever you have on your computer, in such a way that the CIA, NSA, KGB, MI5, ABC, and XYZ will not get at it for the next 20 years or so.   Unless they successfully torture you or you dog. Nothing to do with computing power or even being clever ... with (c), it's just a matter of choosing some curve and a base point on that curve.   

I'm really keen.