Chinese researchers break 22-bit RSA encryption.

It’s still important news but that headline is deliberately missing that crucial little bit of scope.

Funny, neither the article nor the paper seem to mention Shor’s Algorithm. I’m going to read up more on this in the morning.

Cracking encryption is one of the things we expect quantum computers to be extremely good at, so I’m not particularly surprised by this development.

.

I think Schneier wrote this well before quantum computers were a reality - did he miss something fundamental in regards to them? Quantum computers are relatively new but the theory behind them is nearly a century old.

*One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information. To record a single bit by changing the state of a system requires an amount of energy no less than kT, where T is the absolute temperature of the system and k is the Boltzman constant. (Stick with me; the physics lesson is almost over.)

Given that k = 1.38×10-16 erg/°Kelvin, and that the ambient temperature of the universe is 3.2°Kelvin, an ideal computer running at 3.2°K would consume 4.4×10-16 ergs every time it set or cleared a bit. To run a computer any colder than the cosmic background radiation would require extra energy to run a heat pump.

Now, the annual energy output of our sun is about 1.21×1041 ergs. This is enough to power about 2.7×1056 single bit changes on our ideal computer; enough state changes to put a 187-bit counter through all its values. If we built a Dyson sphere around the sun and captured all its energy for 32 years, without any loss, we could power a computer to count up to 2192. Of course, it wouldn't have the energy left over to perform any useful calculations with this counter.

But that's just one star, and a measly one at that. A typical supernova releases something like 1051 ergs. (About a hundred times as much energy would be released in the form of neutrinos, but let them go for now.) If all of this energy could be channeled into a single orgy of computation, a 219-bit counter could be cycled through all of its states.

These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space.*

I’m not a physicist but quantum particles were still considered to be matter the last time I checked.

This is why perfect forward secrecy is mandatory even if you have quantum encryption on your VPN.

As for file storage, even if it’s quantum resistant, we may see a time in the future where you need to periodically re-encrypt your files to keep them a little bit less in danger

Sure they did. Sure sure sure. We totally believe them.

There’s a lot of misinformation in this thread. Sure, they broke 22-bit RSA encryption. But here’s the thing - that’s proof that a suitably large quantum computer can break any size RSA encryption in the same amount of time it took to break 22-bit RSA encryption.

Because of the way the annealing process works, it’s a known-time process, no matter how many inputs or q-bits are used. We don’t have the ability to create a computer with sufficient q-bits to break anything more than 22-bit at the moment, but current estimates are that in 10 - 15 years we will have enough to break 1024-bit.

And it’ll take the same amount of time as this 22-bit process took.

And that basically means we need new encryption processes within 10-15 years, that are quantum safe, or all our encryption is belong to whoever has these quantum computers.