A new "quantum proof" encryption standard is broken by a low-end PC

Originally published at: A new "quantum proof" encryption standard is broken by a low-end PC | Boing Boing

9 Likes

angry employee office destruction GIF

19 Likes

welp… it’s back to the too stupid to be considered (TSTBC) encryption method for me: Vigenère with ‘moıst’ for the key (ssssh)

dcj txeqpaslo woge o ainqoualt cakbrfiyx

12 Likes

How humiliating that must be for the cryptographer-designers.

5 Likes

I am a cryptographer and I approve of this message.

6 Likes

And this is why Good Crypto algorithms are open, transparent, and need to be beaten upon heavily before it’s declared a standard.

And it was just one core on the E5-2630v2 processor (which is a six core chip running on the Ivy Bridge architecture and was released in Q3 of 2013).

“Alongside the vintage processor, Castryck and Decru used a key recovery attack on the Supersingular Isogeny Diffie–Hellman key exchange protocol (SIDH) that was based on Ernst Kani’s ‘glue-and-split’ theorem.”

To quote Kevin Reed, CISO of Acronis: “It’s still better than if it was discovered after it is standardized.”

(Gleaned mostly from The Register.)

23 Likes

mel brooks password GIF

14 Likes

There’s a good chance SIKE is pronounced “seek” or “seek-eh”, but how ironic would it be that a broken cryptography algo’s name would be pronounced like syke?

syke
A word used to establish that the previous statement was false, usually followed by laughing. This is usually used when the user is unsure whether or not the joke was realised or wants to make it apparent that he or she was using sarcasm.
Dude that’s some cool car you have…syke! XD Bahahahaha
by Meister_X April 28, 2010

5 Likes

Ah, but you see, by the time we have code-cracking quantum computers, there won’t be any 2013-era computers around to crack the crypto any more.

13 Likes

Pretty sure this system is still uncrackable, but one computer needs to snail-mail the key to the other one first so there is a bit of lag-time involved.

6 Likes

You need to send your message in pig Latin.

5 Likes

The math gets cerebral, and Galbraith suggests if you really want to understand it, you need to study Richelot isogenies and abelian surfaces.
Damn. Another missed opportunity during lockdown.
But we digress

That is one I also missed.

I think that tends to be the problem. The entire text of Wikipedia is only about 20 GB, so you’d need a pretty big pad for modern data.

5 Likes

I just assumed, based on the cringe-y nature of so many things crypto, that it was pronounced like the word. Now excuse me while I finish my work on my own crypto standard - Steganographic Combinatorial Authentication Micromatrix, or SCAM for short.

7 Likes

Nah. Humiliation is foreign to these particular designers. They’re cats.

12 Likes

This is good. If you are going to avoid a person-in-the-middle attack, you ought to go and meet them anyway. Anything else is not secure.

4 Likes

Nerds are more likely to be into The Three Stooges, so PL would be a likely default. So, amscray!

3 Likes

With all the (well-justified) animosity here toward cryptocurrency, I understand your annoyance. But please do not make the mistake of conflating cryptocurrency with cryptography. The former is a planet-burning Ponzi scheme. The latter is a highly technical academic field with a rich history of applications to mathematical theory, military intelligence, and international commerce.

The discipline’s academics all hate cryptocurrency just as much as you do, and they’re a victim of this glib verbal conflation, not the perpetrators of it.

14 Likes

Needs to send it in a way that they can prove it wasn’t intercepted. But a true OTP isn’t just uncrackable today, it was proven uncrackable in general by Shannon. The proof is pretty intuitive, too.

3 Likes

Navaho is where it’s at.

5 Likes

Or you encrypt and send the (small) key(s) for another strong cryptosystem using the one-time pad then encrypt the (large) data set with that other system using the encrypted keys.

1 Like
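As an added example (not code from this thread, nor from SIKE, SIDH or any other project mentioned in it), the following Python shows the two one-time-pad points made above in working form: Shannon's perfect-secrecy argument from the earlier post (for a given ciphertext, every candidate plaintext of the same length is produced by exactly one pad, so the ciphertext alone cannot favour any of them), and the key-transport idea in this post, where the pad protects only a short session key and a separate cipher carries the large data, so pad consumption stays at the key size rather than the data size. The bulk cipher here is an HMAC-SHA256 counter-mode keystream with an HMAC tag, chosen only so the example runs on the standard library; that choice, the function names, and the pad and data values are assumptions of this example, not anything the thread recommends.

```python
import hashlib
import hmac
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """One-time pad: the pad is as long as the message and is never reused."""
    return xor_bytes(plaintext, pad)


otp_decrypt = otp_encrypt  # XOR is its own inverse


def pad_explaining(ciphertext: bytes, candidate_plaintext: bytes) -> bytes:
    """Shannon's argument in one step: for ANY candidate plaintext of the right
    length there is exactly one pad (ciphertext XOR candidate) that produces this
    ciphertext, so an attacker holding only the ciphertext learns nothing."""
    return xor_bytes(ciphertext, candidate_plaintext)


def is_perfectly_secret_byte(ciphertext_byte: int) -> bool:
    """Exhaustive check for one byte: across all 256 pad values, every plaintext
    value 0..255 appears exactly once (a uniform distribution over plaintexts)."""
    seen = [ciphertext_byte ^ k for k in range(256)]
    return sorted(seen) == list(range(256))


# --- stand-in bulk cipher (an assumption of this example, not a recommendation) ---

def _subkeys(session_key: bytes):
    """Derive independent encryption and MAC keys from the session key."""
    enc_key = hmac.new(session_key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(session_key, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def prf_keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a keystream generator."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def bulk_encrypt(session_key: bytes, data: bytes):
    enc_key, mac_key = _subkeys(session_key)
    nonce = secrets.token_bytes(16)
    ciphertext = xor_bytes(data, prf_keystream(enc_key, nonce, len(data)))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce, ciphertext, tag


def bulk_decrypt(session_key: bytes, nonce: bytes, ciphertext: bytes, tag: bytes) -> bytes:
    enc_key, mac_key = _subkeys(session_key)
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time tag comparison
        raise ValueError("authentication failed: wrong key or altered message")
    return xor_bytes(ciphertext, prf_keystream(enc_key, nonce, len(ciphertext)))


# --- key transport: the pad protects the session key, the bulk cipher the data ---

KEY_LEN = 32  # pad bytes consumed per message, independent of data size


def send_large_message(pad: bytes, data: bytes) -> dict:
    """Sender side: fresh session key under the pad, large data under the key."""
    if len(pad) < KEY_LEN:
        raise ValueError("pad exhausted")
    session_key = secrets.token_bytes(KEY_LEN)
    wrapped_key = otp_encrypt(session_key, pad[:KEY_LEN])
    nonce, ciphertext, tag = bulk_encrypt(session_key, data)
    return {"wrapped_key": wrapped_key, "nonce": nonce,
            "ciphertext": ciphertext, "tag": tag, "pad_consumed": KEY_LEN}


def receive_large_message(pad: bytes, msg: dict) -> bytes:
    """Receiver side: unwrap the session key with the same pad bytes, then decrypt."""
    session_key = otp_decrypt(msg["wrapped_key"], pad[:KEY_LEN])
    return bulk_decrypt(session_key, msg["nonce"], msg["ciphertext"], msg["tag"])


if __name__ == "__main__":
    # Constructed sample values: a 32-byte pad and a 100 kB payload.
    pad = secrets.token_bytes(KEY_LEN)
    data = b"a large data set " * 6000
    msg = send_large_message(pad, data)
    print("pad bytes consumed:", msg["pad_consumed"], "for", len(data), "data bytes")
    print("round trip ok:", receive_large_message(pad, msg) == data)
```

The pad slice used to wrap the key must be discarded after one use on both sides, exactly as with a pad applied to the message itself; the saving is only in how many pad bytes each message costs, and any tampering with the bulk ciphertext is caught by the tag check before decryption.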