|
|
|
|
|
|
by FergusArgyll
283 days ago
|
|
|
<pedantry> "On the other hand, symmetric algorithms such as AES are believed to be immune to Shor. In most cases, the best-known quantum key recovery attack uses
Grover’s algorithm which provides a generic square-root speed-up over classical
exhaustion in terms of the number of queries to the symmetric algorithm. In other
words, Grover would recover the 256-bit key for AES-256 with around 2^128 quantum
queries to AES compared to around 2^256 classical queries for exhaustion.
" - https://csrc.nist.gov/csrc/media/Events/2024/fifth-pqc-stand... </pedantry> the paper itself concludes "the practical security impact of Grover with existing techniques on plausible near-term quantum hardware is limited." |
|
|