A newly discovered trade-off in the way time-keeping devices operate on a fundamental level could set a hard limit on the performance of large-scale quantum computers, according to researchers from the Vienna University of Technology.

  • Arthur BesseA
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    It isn’t expected that a quantum computer will be able to instantly break symmetric encryption, as is used in full disk encryption. It will give an enormous advantage (halving the number of bits of security) but attacking that will still require a large amount of time and energy. What a CRQC will very quickly break is the asymmetric primitives, as used in TLS, encrypted email and chats, etc.

    On the other hand, using default parameters from not so long ago, it is cheaper than you might expect to brute-force your disk passphrase already today without a quantum computer… which is why you should use a stronger key derivation function (in addition to a strong passphrase, of course).