I asked Gerck if this was theoretical, or if they had cracked RSA-2048 in a real-world setting, if they planned to demonstrate this to any quantum computing experts who might vouch for their findings, and when their peer-reviewed findings would be published.
He responded, “We broke a public RSA-2048. We cannot risk impersonation.”
Woodward, after reviewing the Gercks’ research paper, said it appears to be “all theory proving various conjectures - and those proofs are definitely in question.”
He added, “I’ll believe they have done this when people can send them RSA modulus to factor and they send back two primes. Until I see that, I’m just confused and not convinced they’ve done what they claim in the headlines.”
Generating an RSA private key involves multiplying two different large prime numbers to generate a key that is used to encrypt data. These so-called trapdoor algorithms make encryption easy but decryption difficult.
Using classical computers, which process data sequentially, brute-force cracking a strong key would require an enormous amount of time - perhaps hundreds if not trillions of years. But a big enough quantum computer, because it can use qubits to process data in parallel, could be used to easily crack even large keys generated using algorithms such as RSA in days if not hours.
Technology giants, including cloud providers, have already begun transitioning to post-quantum cryptography. In August, the Chromium Project adopted a hybrid cryptographic algorithm - X25519Kyber768 - for Chrome and Google Servers. As of Aug. 15, the latest version of Chrome includes a quantum hybrid key agreement mechanism. Amazon Web Services, Cloudflare, IBM and Microsoft are among the cloud providers also researching and updating products for post-quantum cryptography.
Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.
I asked Gerck if this was theoretical, or if they had cracked RSA-2048 in a real-world setting, if they planned to demonstrate this to any quantum computing experts who might vouch for their findings, and when their peer-reviewed findings would be published.
He responded, “We broke a public RSA-2048. We cannot risk impersonation.”
Woodward, after reviewing the Gercks’ research paper, said it appears to be “all theory proving various conjectures - and those proofs are definitely in question.”
He added, “I’ll believe they have done this when people can send them RSA modulus to factor and they send back two primes. Until I see that, I’m just confused and not convinced they’ve done what they claim in the headlines.”
Generating an RSA private key involves multiplying two different large prime numbers to generate a key that is used to encrypt data. These so-called trapdoor algorithms make encryption easy but decryption difficult.
Using classical computers, which process data sequentially, brute-force cracking a strong key would require an enormous amount of time - perhaps hundreds if not trillions of years. But a big enough quantum computer, because it can use qubits to process data in parallel, could be used to easily crack even large keys generated using algorithms such as RSA in days if not hours.
Technology giants, including cloud providers, have already begun transitioning to post-quantum cryptography. In August, the Chromium Project adopted a hybrid cryptographic algorithm - X25519Kyber768 - for Chrome and Google Servers. As of Aug. 15, the latest version of Chrome includes a quantum hybrid key agreement mechanism. Amazon Web Services, Cloudflare, IBM and Microsoft are among the cloud providers also researching and updating products for post-quantum cryptography.
https://www.bankinfosecurity.com/blogs/researcher-claims-to-crack-rsa-2048-quantum-computer-p-3536
About the Author Mathew J. Schwartz
Executive Editor, DataBreachToday & Europe, ISMG
Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.
Thanks
Don’t have to show me the tech, show me the money.