[11590] in cryptography@c2.net mail archive
Re: Quantum computers inch closer?
daemon@ATHENA.MIT.EDU (Ed Gerck)
Fri Aug 30 22:07:50 2002
Date: Fri, 30 Aug 2002 13:30:42 -0700
From: Ed Gerck <egerck@nma.com>
To: bear <bear@sonic.net>
Cc: cryptography@wasabisystems.com
X-Rcpt-To: <cryptography@wasabisystems.com>
bear wrote:
> On Sat, 17 Aug 2002, Perry E. Metzger wrote:
>
> >
> >[I don't know what to make of this story. Anyone have information? --Perry]
> >
> >Quantum computer called possible with today's tech
> >http://www.eet.com/story/OEG20020806S0030
> >
> ..
> The papers I've been reading claim that feistel ciphers (such as
> AES, DES, IDEA, etc) are fairly secure against QC.
>
> But I don't see how this can be true in the case where the
> opponent has a plaintext-ciphertext pair.
> ...
> I'm not a quantum physicist; I could be wrong here. In
> fact, I'm probably wrong here. But can anyone explain
> to me *why* I'm wrong here?
I'm a quantum physicist. Your argument is good but it has
nothing to do with quantum physics. The claim that feistel
ciphers are fairly secure against QC has to do with a
complex calculation that has no counterpart in a physical
system that could be used to "calculate" it. Not that the
calculation is not possible, but that it cannot be efficiently
transposed to a QC. Other ciphers may be a lot easier in this
regard -- for example, there is a good similarity between
factoring the product of two primes and calculating
standing wave harmonics in a suitable quantum system.
Cheers,
Ed Gerck
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
