Subject: Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON
Newsgroups: comp.os.linux.misc
From: "26C.Z968" <26C.Z968@noaada.net>
Date: Mon, 16 Jan 2023 00:48:13 -0500

On 1/15/23 10:28 AM, Richard Kettlewell wrote:
> "26C.Z968" <26C.Z968@noaada.net> writes:
>> On 1/14/23 6:32 AM, Richard Kettlewell wrote:
>>> Quantum-safe replacements for asymmetric schemes are well underway. You
>>> can use LMS/HSS and XMPP today, though you will need to think carefully
>>> about state management, and IIRC some requirements to use LMS are coming
>>> down the line in certain contexts. Looking further ahead several
>>> stateless schemes are currently undergoing standardization. We don’t
>>> know when a CRQC will be built but both standards/compliance bodies and
>>> implementors are taking the prospect very seriously.
>>> [1] assuming correct implementation, absence/mitigation of side
>>> channels, proper use of authenticated encryption - all the stuff we
>>> already need for a block cipher anyway.
>>
>> Symmetric block ciphers are good for protecting files ... but
>> the SSL that gets them from a server to your PC is an asymmetric
>> scheme. qPCs might do well with MIM attacks ... meaning the 's'
>> in https becomes a joke.
>
> That’s what the quantum-safe asymmetric schemes are for.

Yea ... but gotta DO them, STANDARDIZE/CERTIFY/DEPLOY them ..... Ain't seen THAT yet. And "a few years" may not be soon ENOUGH.

There are 'intermediate fixes' ... just ASSUME https is NOT gonna be totally secure and never transmit files or bits thereof in the clear assuming https is gonna take care of things. Final decryption would have to be shifted to LOCAL PCs. When you look at ANY bits of a database - yer account/login stuff at Google for instance - using a browser it would only SEEM to be clear text ... but instead go thru an additional symmetric decryption step on yer PC.

Quantum-resistant https/TLS is badly needed now, but WHEN will we see it ??? When is there 'httpq' ??? See what I'm aiming at ?
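
The "additional symmetric decryption step" on the local PC described in the post above, as an added Node.js example that is not part of the original thread: each record is sealed with AES-256-GCM before it enters the HTTPS response and opened only on the client. Assumptions: the 256-bit key is provisioned out of band (if it were delivered over the same asymmetric key exchange, the extra layer would fall with it), and `DEMO_KEY`, `sealRecord`, `openRecord` and the record ids are hypothetical names.

```javascript
// Added example, not from the thread. Uses only the Node.js standard library.
const crypto = require('node:crypto');

// Constructed demo key. Assumption: in a real deployment this key reaches the
// client out of band and is never sent over the TLS session it backs up.
const DEMO_KEY = crypto.randomBytes(32);

// Server side: seal one record before it is placed in the HTTPS response.
// recordId is bound as associated data, so a sealed blob cannot be replayed
// under a different record id without failing authentication.
function sealRecord(key, recordId, plaintext) {
  const nonce = crypto.randomBytes(12); // fresh 96-bit nonce per message
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(Buffer.from(recordId, 'utf8'));
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag(); // 16-byte authentication tag
  // Wire format (constructed for this example): nonce || tag || ciphertext
  return Buffer.concat([nonce, tag, body]).toString('base64');
}

// Client side: the local decryption step. Returns the plaintext string, or
// null when the blob is truncated, tampered with, bound to another record id,
// or sealed under a different key.
function openRecord(key, recordId, sealedB64) {
  const raw = Buffer.from(sealedB64, 'base64');
  if (raw.length < 28) return null; // too short to hold nonce + tag
  const nonce = raw.subarray(0, 12);
  const tag = raw.subarray(12, 28);
  const body = raw.subarray(28);
  try {
    const decipher = crypto.createDecipheriv('aes-256-gcm', key, nonce);
    decipher.setAAD(Buffer.from(recordId, 'utf8'));
    decipher.setAuthTag(tag);
    // final() throws if the tag does not verify; nothing is returned then.
    return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
  } catch (err) {
    return null;
  }
}
```
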