Hacker News new | ask | show | jobs
by Shank 750 days ago
> The downfall will be cheap quantum computers; it seems like we have some time until those are available.

This is limited to things that can be easily cracked with a quantum algorithm like public key cryptography via shor's algorithm.

"Quantum computers won't solve hard problems instantly by just trying all solutions in parallel." -- Scott Aaronson
2 comments
Hasz 750 days ago
Totally fair, I am conflating two pretty different things.

For symmetric crypto, there is Grover's algorithm, which we can mitigate by just doubling key size. However, for asymmetric crypto, shor's algorithm is going to wreck it; intelligence agencies are hoovering up traffic right now to crack latter when it's cheaply available.

I would point out the field is in its infancy and new attacks/discoveries will be made that will change things dramatically. These attacks also depend on having access to a "sufficiently large" quantum computer, which in my amateur opinion is 10s of years away from public availability.

There is a whole field of "post-quantumn" cryptography being discussed now, but they not really standard or ready for prime-time afaik.

link
NegativeK 750 days ago
It's been a very long time, but: wouldn't Grover's algorithm apply to password hashes, shortening effective bit length by half?

That said, "double your password complexity/length" shouldn't be a problem if people are actually using password managers.

link
Shank 750 days ago
I suppose if we look at the world strictly in terms of a "classic" hash, I believe the answer is yes. However, "modern" password hashes are designed to be memory and CPU intensive. Scrypt hashes, for example, are designed to "waste" cycles and memory to bolster security. The size of the underlying password can remain static while the requirements imposed by scrypt can change.

Granted, I'm sure many sites are still using bad hash-based algorithms like md5 without salt today. But modern applications are often built with the goal of slowing down even offline attacks with salting, memory consumption, and CPU cycle consumption. The goal isn't just slow, but costly.

link