From: Eugen Leitl (eugen@leitl.org)
Date: Sat Aug 31 2002 - 06:07:29 MDT
-- -- Eugen* Leitl leitl ______________________________________________________________ ICBMTO: N48 04'14.8'' E11 36'41.2'' http://eugen.leitl.org 83E5CA02: EDE4 7193 0833 A96B 07A7 1A88 AA58 0E89 83E5 CA02 ---------- Forwarded message ---------- Date: Fri, 30 Aug 2002 13:30:42 -0700 From: Ed Gerck <egerck@nma.com> To: bear <bear@sonic.net> Cc: cryptography@wasabisystems.com Subject: Re: Quantum computers inch closer? bear wrote: > On Sat, 17 Aug 2002, Perry E. Metzger wrote: > > > > >[I don't know what to make of this story. Anyone have information? --Perry] > > > >Quantum computer called possible with today's tech > >http://www.eet.com/story/OEG20020806S0030 > > > .. > The papers I've been reading claim that feistel ciphers (such as > AES, DES, IDEA, etc) are fairly secure against QC. > > But I don't see how this can be true in the case where the > opponent has a plaintext-ciphertext pair. > ... > I'm not a quantum physicist; I could be wrong here. In > fact, I'm probably wrong here. But can anyone explain > to me *why* I'm wrong here? I'm a quantum physicist. Your argument is good but it has nothing to do with quantum physics. The claim that feistel ciphers are fairly secure against QC has to do with a complex calculation that has no counterpart in a physical system that could be used to "calculate" it. Not that the calculation is not possible, but that it cannot be efficiently transposed to a QC. Other ciphers may be a lot easier in this regard -- for example, there is a good similarity between factoring the product of two primes and calculating standing wave harmonics in a suitable quantum system. Cheers, Ed Gerck --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:16:35 MST