SAFENetwork Quantum Resistant?

minitrue · December 22, 2018, 1:03pm

Will the SAFENetwork/SAFECoin be quantum resistant? Here is an recent article on how quantum computing will disrupt bitcoin.

Best,

AGEID

draw · December 22, 2018, 3:34pm

It has to be seen if, when and how quantum computing will work (see this post and the replies).
The SAFE Network uses mainly AES-256, which is quantum resistant unlike ECDSA, RSA etc (see also this post).

draw · December 24, 2018, 9:17pm

Although I’ve my doubts, there is a lot of quantum computing R&D:

minitrue · December 24, 2018, 9:36pm

China and Europe are also investing at least $1 billion.

draw · March 14, 2019, 5:51pm

neo · March 15, 2019, 12:13am

This last paragraph seems to sum it up

But while some may be overselling the qubit’s codebreaking capabilities over the course of the next decade, researchers have already set their sights on alternatives to today’s encryption standards that may one day prove more quantum-resistant. And it looks like we might have a good few decades to work on those while quantum gets up to speed.

Mirage · March 24, 2019, 11:59pm

To me that article sounds like opinions and assumptions à la “if everything continues as expected, then …”.
I think @draw put it very well in his first answer

It has to be seen if, when and how quantum computing will work

Until that is not clear, I believe the OP question can not be answered definitely.

piluso · March 25, 2019, 11:30am

While we don’t know how the hardware might perform, there are few quantum algorithms that would take advantage of a quantum computer for cracking.

Without algorithms, the quantum computers might as well be the heaviest paperweight in the world.

Two major ones are Shor’s algorithm (for asymmetric crypto) and Grover’s algorithm (for symmetric crypto)
The one that applies to SafeNetwork would be Grover’s, and it only reduces the actual strength to half. So a AES-256 would have the strength of a AES-128 on a quantum computer with Grover’s algorithm.
It is similar for the hash function SHA3.

So that’s the current theoretical limit of the advantages that you can get on a fully functional quantum computer.

PS: as a side note, Shor’s algorithm completely destroys the future viability of current public-key cryptography.

tjf · March 25, 2019, 5:45pm

Correct me if I am wrong, but half of AES-256 is AES-255, right? Difficulty doubles with each increment.

Warren · March 25, 2019, 8:35pm

Power of the q computer doubles with each new bit. How long until it cracks the one time pad? There is always that as a recourse against the quantum.

Two people meet up and exchange quadrillions of serial one time pads and then each with a copy of the random 1 time pads can communicate indefinitely at distance going through their one time pads.

If they can just exchange some strange action at a distance physical bits (being sure they are not coupled on the way to other such bits) they might not even have to meet to exchange pads. If quantum teleportation which has been demostrated is possible so also is quantum communication- qbits in a q machine use such a channel as a kind of bus. Even if quantum communication turns out to not be super practical even beyond pad exchange there can always be pad exchange. But I guess people might also be left hand decrypting electronically communicated messages because how would you trust storing the pads electronically even if electronics generated the pads- and you’d destroy the isolated pad generators any way.

urrtag · March 26, 2019, 9:17am

Ok, what kind of PubKey crypto is Safe using? There has to be some kind of PubKey crypto for node IDs, SafeCoin owners etc.

edit: Hash-based Signatures could be used, but hard to impl

piluso · March 26, 2019, 7:34pm

Currently I think they are still using the libsodium library so they are using Curve25519xsalsa20poly1305 for Public-key authenticated encryption, xsalsa20poly1305 for Secret-key authenticated encryption, ed25519 as Public-key signatures and SHA-512.

But in Nov 17 @dirvine said:

It would be interesting if there was any updates on that idea.

In this case, Grover’s algorithm halves the effective key length for symmetric encryption.
AES-512 → AES-256
AES-256 → AES-128
So even though it takes a significant hit, it would be still considered fairly secure (aka. “quantum resistant”)

tfa · March 26, 2019, 8:56pm

No, only sha3_256 and not from libsodium but from tiny_keccak. They are using cryptographic primitives from rust_sodium (a library wrapper over libsodium) but not its hash part anymore.

A long time ago they were using sha512, and I think the evolution has been:

sha512 from libsodium
sha256 from libsodium
sha3_256 from tiny_keccak

Fabian_Cook · April 10, 2019, 1:40am

Are there more sources available stating that AES-256 is quantum resistant?

I’ve been watching this project closely: https://csrc.nist.gov/projects/post-quantum-cryptography/round-2-submissions

Zoki · April 10, 2019, 6:33am

Like this. You could build this in two a messaging app. Meet in person with a friend, rub your phone’s together as you generate one time pads.

Next to each friend in your address bar, have a one time pad health bar, visual indication of how many more secure messages you can send.

Warren · April 11, 2019, 4:36am

Yeah, I like it too! It reminds me of one of the quantum isms- two things that touch forever resonate. Given the singularity it would seem there is already a quantum back channel.

TylerAbeoJordan · September 20, 2019, 11:57pm

I’ve been sceptical that Quantum computing would develop fast enough to become a serious threat to network security in the near term (in any network) … but now beginning to think it needs to be taken very seriously.

draw · September 21, 2019, 9:39am

From Financial Times article:

The system can only perform a single, highly technical calculation, according to the researchers, and the use of quantum machines to solve practical problems is still years away.

And in this article from MIT Technology Review some other critical remarks.

TylerAbeoJordan · September 21, 2019, 10:11am

The paper on NASA’s website was taken down … they sure have stirred the pot and are inviting a lot of speculation and conspiracy … publicity stunt? IDK. Wait and see I guess.

Even if it’s a minor improvement, Moore’s law may apply to qubits too, so IMO nothings off the table yet.

Southside · September 21, 2019, 10:49am

As I see it - and I am not in the field - once knew a bit about photo-lithography - Moore’s “law” is not a law in the sense that Newton’s Laws are, merely a remarkably prescient observation and prediction on the evolving state of semi-conductor technology with major emphasis on photo-lithography. These advances continued until we ran up against some quantum roadblocks which mean we are unlikely to see any further huge increases in the density of devices on a wafer.
So these advantages are already won and cannot be won again in a parallel field. However as more teams work on qubits and there are more eyes on the problem/field making all the bugs shallower, we can expect the pace to pick up. But nothing so far suggests anything like the dramatic gains of Moore;s law is in effect . Yet…

Topic		Replies	Views
SAFE network safety against quantum computing Features	4	1540	May 29, 2015
Quantum / AI - The new Willow chip Support maidsafe	3	129	December 11, 2024
Quantum security Features	9	96	December 17, 2024
Andreas M. Antonopoulos - Thoughts on the Future of Programmable Money - Scottish Blockchain Meetup - June 19th, 2019 Videos	7	905	September 6, 2019
Blogger "unsafecoin" claims SafeNet needs Proof of Work Community	5	1315	May 23, 2017

SAFENetwork Quantum Resistant?

Related topics