--
You received this message because you are subscribed to the Google Groups "pqc-forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pqc-forum+...@list.nist.gov.
To view this discussion on the web visit https://groups.google.com/a/list.nist.gov/d/msgid/pqc-forum/9fcc9744-405c-4bc7-a9b3-6b222052a0cbn%40list.nist.gov.
No Problem Thomas,
Someone already asked that question in ChatGPT:
Sure, here are a few cryptographic primitives that are believed to be resistant to attacks other than brute-force search through the keyspace, even when Grover's algorithm is taken into account:
It's worth noting that while these cryptographic primitives are currently believed to be secure against attacks other than brute-force search, future advancements in quantum computing or other areas of technology could potentially render them insecure. Therefore, it's important to regularly review and update the cryptographic primitives used to protect sensitive data to ensure that they remain secure in the face of new and emerging threats.
Kind regards,
Ad Koolen
Government Crypto Specialist
06 816 124 88
Mob: + 31 681 612 488
Ad,
With regard to #3, it has been proven that factor-based asymmetric key encryption like RSA is vulnerable to Shor's algorithm, which reduces the exponential computation to polynomial. This seems a better approach than using Grover's algorithm for an exhaustive brute-force search.
Paul
--
Shuangbao Wang, Ph.D.
Professor and Chair
Department of Computer Science
Morgan State University
https://p-neumann.github.io/paul/
443-885-4503/3962
"Integrity, Intelligence, and Energy"
Nice Thomas,
Thanks for the update!
Btw, did you see this?
I'm pleased to share the info with you how we have recovered the private key from the RSA-encrypted public key by using a quantum simulator.
You can find the detailed procedures from the URL below.
https://lnkd.in/emFgrUSP
A total of 58 qubits were utilized and the computing time consumed was ca. 1 hr 54 min.
Should you have any queries in this regard, please feel free to email me at how...@norma.co.kr, or to...@norma.co.kr
If any of you are visiting the MWC 2023 exhibition in Barcelona next week, I will be glad to meet and talk.
You can find our stand from the URL below.
https://lnkd.in/eGf6wB8K
With best regards,
Howard Y. Jung
Kind regards,
Ad Koolen
It's a bit off topic but related. During the Corona lockdown, I fine-tuned a GPT-2 instance on all IACR ePrint abstracts as a hobby project:
The tool can write a new abstract, write the abstract to a given title, or complete Title + partial abstract.
It also knows a bit about PQC. However, similar to a lot of GPT-related systems, some of the text sounds good but is not necessarily correct or useful. I have my doubts that these systems will design or break crypto in the near future.
Cheers
Thomas
From: 'Bas Westerbaan' via pqc-forum <pqc-...@list.nist.gov>
Sent: Monday, 20 February 2023 02:52
To: Doge Protocol <dogepr...@gmail.com>
Cc: pqc-forum <pqc-...@list.nist.gov>
Subject: Re: [pqc-forum] Hypothetical scenario; Post AI cryptography?
TL;DR: My intuition is that AI/ML-assisted cryptanalysis will accelerate the pace of discovering new better factoring and lattice-reduction algorithms, but there’s nothing fundamentally new about the algorithms discovered by ML-assisted research methods that would invalidate our current security proofs.
AI/ML is able to make astounding progress on problems such as human genetics or drug discovery, but keep in mind that the human genome is 725 MB and there are tens of millions of known organic compounds, whereas the key space of AES-256 is like 10^66 TB, more than the number of atoms on earth (estimated at 10^50). So unless we've thoroughly goofed in designing our permutation functions, you would need more input-output pairs in the "training data" than there are atoms on the planet. So I'm skeptical that AI/ML could break modern ciphers with substantially less computational resources than the brute-force method of building a lookup table.
I like to de-magic things by replacing the terms "AI / ML" with the term "computational statistics". So then the question becomes "Can large-scale computational statistics do a better job at cryptanalysis than contemporary approaches?". But of course computational statistics has been in the cryptanalysis toolbox since the days of Claude Shannon and Alan Turing, so it's not fundamentally new; Claude Shannon coined the terms "confusion and diffusion" as cipher design principles exactly to counter this sort of statistical cryptanalysis.
Now to AI/ML-assisted research methods. This is bearing fruit in medical research where, for example, an AI/ML can evaluate vast numbers of chemical compounds for ones that may behave similarly to existing pharmaceuticals, leaving researchers with a short-list of compounds to investigate manually. I imagine a similar technique could be used to discover, for example, lattice reduction algorithms, but there's nothing fundamentally new about the classes of algorithms that an AI would discover, including statistical methods (i.e. the lattice-reduction algorithm is itself AI/ML), so they would have to obey bounds established in our current security proofs.
---
Mike Ounsworth
From: pqc-...@list.nist.gov <pqc-...@list.nist.gov>
On Behalf Of Thomas.Po...@infineon.com
Sent: Monday, February 20, 2023 12:36 PM
To: b...@cloudflare.com; dogepr...@gmail.com
Cc: pqc-...@list.nist.gov
Subject: [EXTERNAL] RE: [pqc-forum] Hypothetical scenario; Post AI cryptography?
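The "computational statistics" framing above, illustrated with an added example that is not part of this thread or of any poster's work: a monoalphabetic shift cipher has no diffusion, so the index of coincidence of its ciphertext is identical to that of the plaintext and a chi-square fit against English letter frequencies recovers the key from a couple of hundred characters; the same plaintext encrypted with a keystream derived from SHA-256 in counter mode (a stand-in for a modern PRF chosen here because it is in the standard library, not AES and not a production construction) has the flat byte statistics of random data, and a single flipped input bit changes about half of the hash output. The sample text, the fixed key and the `pqc-forum` input are constructed for the demonstration.

```python
"""Why statistical cryptanalysis finds structure in a cipher without
diffusion but nothing in a well-diffused primitive (added illustration)."""
import hashlib
import math
import string
from collections import Counter

# Standard published English single-letter frequencies, in percent.
ENGLISH_FREQ = {
    "a": 8.2, "b": 1.5, "c": 2.8, "d": 4.3, "e": 12.7, "f": 2.2, "g": 2.0,
    "h": 6.1, "i": 7.0, "j": 0.15, "k": 0.77, "l": 4.0, "m": 2.4, "n": 6.7,
    "o": 7.5, "p": 1.9, "q": 0.095, "r": 6.0, "s": 6.3, "t": 9.1, "u": 2.8,
    "v": 0.98, "w": 2.4, "x": 0.15, "y": 2.0, "z": 0.074,
}

# Constructed sample plaintext (lowercase letters and spaces only).
SAMPLE_TEXT = (
    "the security of a modern block cipher rests on confusion and diffusion "
    "so that the statistics of the ciphertext reveal nothing about the "
    "plaintext or the key even when an attacker collects many messages and "
    "feeds them to a large statistical model"
)


def caesar_encrypt(text: str, shift: int) -> str:
    """Monoalphabetic shift cipher: no diffusion, letter statistics survive."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - 97 + shift) % 26 + 97))
        else:
            out.append(ch)
    return "".join(out)


def prf_keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode as a stand-in PRF (constructed for this example)."""
    stream = b""
    counter = 0
    while len(stream) < length:
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return stream[:length]


def stream_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """XOR the plaintext with the PRF keystream."""
    return bytes(p ^ k for p, k in zip(plaintext, prf_keystream(key, len(plaintext))))


def index_of_coincidence(data: bytes) -> float:
    """Probability that two random positions hold the same symbol.
    English text (letters plus spaces) is well above 0.05; uniform bytes ~0.0039."""
    n = len(data)
    counts = Counter(data)
    return sum(c * (c - 1) for c in counts.values()) / (n * (n - 1))


def chi_square_shift(ciphertext: str) -> int:
    """Recover a Caesar shift by the chi-square distance to English frequencies."""
    letters = "".join(c for c in ciphertext if c in string.ascii_lowercase)
    n = len(letters)
    best_shift, best_score = 0, math.inf
    for shift in range(26):
        counts = Counter(caesar_encrypt(letters, -shift))
        score = sum(
            (counts.get(ch, 0) - n * freq / 100) ** 2 / (n * freq / 100)
            for ch, freq in ENGLISH_FREQ.items()
        )
        if score < best_score:
            best_shift, best_score = shift, score
    return best_shift


def avalanche_bits(message: bytes, bit_index: int) -> int:
    """Number of SHA-256 output bits that change when one input bit is flipped."""
    flipped = bytearray(message)
    flipped[bit_index // 8] ^= 1 << (bit_index % 8)
    h1 = int.from_bytes(hashlib.sha256(message).digest(), "big")
    h2 = int.from_bytes(hashlib.sha256(bytes(flipped)).digest(), "big")
    return bin(h1 ^ h2).count("1")


def demo() -> dict:
    """Run the comparison with a fixed constructed key so results are reproducible."""
    key = b"\x01" * 32
    shifted = caesar_encrypt(SAMPLE_TEXT, 7)
    streamed = stream_encrypt(key, SAMPLE_TEXT.encode())
    return {
        "ic_plain": index_of_coincidence(SAMPLE_TEXT.encode()),
        "ic_caesar": index_of_coincidence(shifted.encode()),   # equal to ic_plain
        "ic_stream": index_of_coincidence(streamed),           # near 1/256
        "recovered_shift": chi_square_shift(shifted),          # 7
        "avalanche": avalanche_bits(b"pqc-forum", 3),          # about 128 of 256
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The index of coincidence is the simplest "computational statistic" there is; the shift cipher leaks it unchanged, while the XOR with a PRF keystream drives it to the value of uniform bytes, which is why no amount of training data extracted from ciphertext alone helps a statistical model against a primitive with proper confusion and diffusion.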