Hacker News new | ask | show | jobs
Ask HN: Isn't encryption *temporary* privacy?
2 points by microb 4786 days ago
Given that current encryption will someday be broken by quantum computers, all the companies who have copies of your encrypted data will have access to a massive backlog of your personal information. This includes the torrent of encrypted wifi data which exists in almost every household in America. Therefore, encryption is temporary privacy, wouldn't you say?
4 comments
claudius 4786 days ago
Only if the encrypted data is still around when decryption becomes feasible. I doubt someone is sitting in my closet and recording every bit of wifi traffic in my local network, so this traffic should, in theory, be fine. The same goes for encrypted hard drives – most of them won’t ever go through an agency capable of/interested in storing encrypted data.

Furthermore, I think that there are (classical and practicable[0]) encryption schemes which cannot be attacked by e.g. Shor’s factorisation algorithm, although I fail to remember their names.

So, depending on the threat model, encryption may well be permanent privacy, but of course you have to take future developments into account – even classical computers will get better.

[0] At least more practicable than XOR with a key the length of the plaintext.

link
tptacek 4786 days ago
(a) All security does indeed have a time/value component.

(b) The word "current" in your sentence is inaccurate in its most generous interpretation. All mainstream secret-key cryptography is believed to resist quantum computers.

(c) If you're relying on potentially-susceptible number-theoretic encryption algorithms like RSA, you could at some point switch to lattice or code-based alternatives.

You should read "An Introduction To Post-Quantum Cryptography", by Daniel Bernstein.

link
microb 4786 days ago
Very helpful. Thanks for the information.
link
mooism2 4786 days ago
Who is saving copies of our encrypted data that is not already able to decrypt it?

The power of quantum computers to break existing cryptographic algorithms is greatly exaggerated in the popular imagination. e.g. a quantum computer would not be able to instantly factorise large integers; it would be able to factorise them in about the time in which we can currently factorise integers half the length. Yes, attacks only get better, and computers get faster, but quantum computers aren't a magic silver bullet.

link
hardwaresofton 4786 days ago
I'm not in New Hampshire, but I think that time-based context is pretty important here... If you know the password I used 5 years ago, it may matter significantly less today.

Now if current encryption methods will be easily broken by quantum computers, we just need to create methods that become even more time consuming/difficult to use quantum computers to model. As two-way encryption moves forward, what is stopping people from layering encryptions on the legacy data?

link