Date: Sat, 24 Jan 2015 13:07:29 -0800
From: Tao Effect <[email protected]>

So, I understand that QM algos can pretty much dismantle all popular asymmetric encryption algos with enough q-bits, but I haven't thought hard enough to see if they also can be used to compromise communications that used DH to do PFS underneath the initial handshake.

Yes. Shor's algorithm can compute finite field and elliptic curve discrete logs, so an attacker who saved a transcript of g^a, g^b over the wire today can, if/when quantum computers become available, compute a, b, and g^ab and retroactively decrypt the rest of the encrypted transcript.

_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
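
The retroactive decryption described in the reply above, as an added example that is not part of the original thread: the session key depends only on values that crossed the wire, so anyone who later solves the discrete log recovers it. Assumptions: a constructed 31-bit toy prime, baby-step giant-step as a classical stand-in for Shor's algorithm, a toy XOR cipher, and hypothetical function names.

```python
import hashlib
from math import isqrt

# Toy parameters (constructed for this example): a 31-bit prime, far too small
# for real use, so a classical solver can stand in for Shor's algorithm.
P = 2147483647          # 2^31 - 1, prime
G = 7                   # generator used for the toy group

def kdf(shared: int) -> bytes:
    """Derive a 32-byte session key from the DH shared secret."""
    return hashlib.sha256(shared.to_bytes(8, "big")).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with SHA-256(key || offset) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], block))
    return bytes(out)

def handshake(a: int, b: int, plaintext: bytes):
    """Run ephemeral DH; return only what a passive observer sees on the wire."""
    A, B = pow(G, a, P), pow(G, b, P)
    key = kdf(pow(B, a, P))      # both peers derive g^ab, then discard a and b
    return A, B, xor_stream(key, plaintext)

def discrete_log(h: int) -> int:
    """Baby-step giant-step: find x with G^x = h (mod P)."""
    m = isqrt(P - 1) + 1
    baby, e = {}, 1
    for j in range(m):           # baby steps: table of G^j -> j
        baby.setdefault(e, j)
        e = e * G % P
    factor, gamma = pow(G, -m, P), h
    for i in range(m):           # giant steps: h * G^(-i*m)
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * factor % P
    raise ValueError("no discrete log found")

def decrypt_recorded(A: int, B: int, ciphertext: bytes) -> bytes:
    """Decrypt from the saved transcript alone: recover an exponent, then g^ab."""
    a = discrete_log(A)
    return xor_stream(kdf(pow(B, a, P)), ciphertext)

if __name__ == "__main__":
    A, B, ct = handshake(123456789, 987654321, b"constructed sample message")
    print(decrypt_recorded(A, B, ct))
```

Discarding a and b after the handshake protects against later compromise of long-term keys, not against a solver for the underlying discrete log problem, which is why recorded traffic remains exposed.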
