Encryption algorithms that run on classical computers that are expected to be resistant to quantum computers.
This is notably not the case of the dominant 2020 algorithms, RSA and elliptic curve cryptography, which are provably broken by Grover's algorithm.
However, as of 2020, we don't have any proof that any symmetric or public key algorithm is quantum resistant.
Post-quantum cryptography is the very first quantum computing thing at which people have to put money into.
The reason is that attackers would be able to store captured ciphertext, and then retroactively break them once and if quantum computing power becomes available in the future.
There isn't a shade of a doubt that intelligence agencies are actively doing this as of 2020. They must have a database of how interesting a given source is, and then store as much as they can given some ammount of storage budget they have available.
A good way to explain this to quantum computing skeptics is to ask them:Post-quantum cryptography is simply not a choice. It must be done now. Even if the risk is low, the cost would be way too great.
If I told you there is a 5% chance that I will be able to decrypt everything you write online starting today in 10 years. Would you give me a dollar to reduce that chance to 0.5%?
Based on the fact that we don't have a P algorithm for integer factorization as of 2020. But nor proof that one does not exist!
The private key is made of two randomly generated prime numbers: and . How such large primes are found: how large primes are found for RSA.
The public key is made of:
n = p*q
- a randomly chosen integer exponent between
1
ande_max = lcm(p -1, q -1)
, wherelcm
is the Least common multiple
Given a plaintext message This operation is called modular exponentiation can be calculated efficiently with the Extended Euclidean algorithm.
m
, the encrypted ciphertext version is:c = m^e mod n
The inverse operation of finding the private
m
from the public c
, e
and is however believed to be a hard problem without knowing the factors of n
.However, if we know the private
p
and q
, we can solve the problem. As follows.First we calculate the modular multiplicative inverse. TODO continue.
Bibliography:
- www.comparitech.com/blog/information-security/rsa-encryption/ has a numeric example