Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Is Most Encryption Cracked?

Gregory Maxwell greg at
Wed Jul 17 11:24:36 PDT 2013

On Wed, Jul 17, 2013 at 10:18 AM, Collin Sullivan <collins at> wrote:

HALP. I've slipped on a snake oil spill and can't get up!

> "[...]Here’s why we think many of these encryption algorithms are cracked;
> • These entities want something complicated enough to keep others out,
> but easy enough for them to get into.  Your secret is safe with them.

If this is true its an argument for using standard encryption:
Knowledge of the fact that the US government has cracked AES would be
so insanely valuable, and it's leak so devastating a loss of
capability that unless you presented an existential threat they
wouldn't dare do something that could possibly leak this fact.

> • They are using computer technology that’s at least 30 years advanced
> someone says “that’ll take 30 years to crack”, they mean you’ll have
> to take 30 years to try all the possible keys.  With a quantum
> computer, that’s less than a second.  Even Google is now buying
> quantum computers, this one for $10 million.

This is a a bit of recursive snake-oil: I assume what this is
referring to is the much criticized DWAVE systems.  The dwave devices
are claimed to be quantum simulated annealers. They are not purported
to be quantum turing complete.  They perform a single algorithm (which
generalizes to classical computation, but not quantum computation) and
are not even theorized to be able to do the things an actual quantum
computer is theorized to be able to do.  This isn't to say that they
may not be useful for some applications, but it doesn't appear that
breaking AES is among those applications which is it even
theoretically useful for.

People often misunderstand the expected capabilities of quantum
computers they are not even _theorized_ to perform exponential in poly
time in the general case.  There are some tasks which would be much
faster on quantum computers (such as quantum simulation and
factoring), and other tasks that could at best be only moderately
faster.  Cracking symmetric ciphers generally falls into the latter
category, as the best general speedup against non-linear search that
quantum computation can give is a sqrt() speedup (analogous to halving
the number of bits of keyspace).  Though perhaps cryptographers doing
cryptanalysis with the help of QC powered theorem provers might be a
bit more potent at finding regular classical attacks. :)

> • Public domain encryption wouldn’t be allowed into the pubic unless
> it was cracked, because they wouldn’t be able to spy on you.  They
> wouldn’t be promoting something as good unless it was easy for them to
> get into it.  They’re spies after all."

I know a bunch of cryptographers, and I don't know any in the US who
are having their scheme suppressed in recent memory.  So this one
requires that you believe not that shadowy government groups are
suppressing stuff, but that no one is even coming up with anything
secure at all.  This streaches credibility, and even if the claim were
true why would this particular thing be the exception?

Maybe the next step in the plan is that when their crowfunding gets
taken down for being snakeoil they'll claim their work was too good to
be allowed to exist?

More information about the liberationtech mailing list