this post was submitted on 18 Nov 2024
483 points (93.2% liked)

TenForward: Where Every Vulcan Knows Your Name

3840 readers
975 users here now

/c/TenFoward: Your home-away-from-home for all things Star Trek!

Re-route power to the shields, emit a tachyon pulse through the deflector, and post all the nonsense you want. Within reason of course.

~ 1. No bigotry. This is a Star Trek community. Remember that diversity and coexistence are Star Trek values. Any post/comments that are racist, anti-LGBT, or generally "othering" of a group will result in removal/ban.

~ 2. Keep it civil. Disagreements will happen both on lore and preferences. That's okay! Just don't let it make you forget that the person you are talking to is also a person.

~ 3. Use spoiler tags. This applies to any episodes that have dropped within 3 months prior of your posting. After that it's free game.

~ 4. Keep it Trek related. This one is kind of a gimme but keep as on topic as possible.

~ 5. Keep posts to a limit. We all love Star Trek stuff but 3-4 posts in an hour is plenty enough.

~ 6. Try to not repost. Mistakes happen, we get it! But try to not repost anything from within the past 1-2 months.

~ 7. No General AI Art. Posts of simple AI art do not 'inspire jamaharon'

~ 8. No Political Upheaval. Political commentary is allowed, but please keep discussions civil. Read here for our community's expectations.

Fun will now commence.


Sister Communities:

[email protected]

[email protected]

[email protected]

[email protected]

Want your community to be added to the sidebar? Just ask one of our mods!


Honorary Badbitch:

@[email protected] for realizing that the line used to be "want to be added to the sidebar?" and capitalized on it. Congratulations and welcome to the sidebar. Stamets is both ashamed and proud.


Creator Resources:

Looking for a Star Trek screencap? (TrekCore)

Looking for the right Star Trek typeface/font for your meme? (Thank you @kellyaster for putting this together!)


founded 11 months ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] bunchberry 1 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

This is a rather reductive view of quantum cryptography.

Correct = reductive?

The two most common applications of it I hear about is the development of encryption algorithms resistant to being broken on quantum computers

First, I was talking about quantum encryption, not quantum cryptography, which is a bit more broad. Second, we already have cryptographic algorithms that run on classical computers that are not crackable by quantum computers, known as lattice-based cryptography which are way more practical than anything quantum cryptography could offer.

the way, say, Shur’s algorithm is known to break RSA

Shor's algorithm. Yes, it breaks asymmetrical ciphers like RSA, but we have developed alternatives already it cannot break, like Kyber.

and techniques like quantum key distribution

Classical key exchange algorithms prevent someone from reading your key if they intercept the data packets between you. QKD is entirely impractical because it does not achieve this. Rather than preventing someone from reading your key if they intercept the data packets, it merely allows you to detect if someone is intercepting the data packets. You see, in regular cryptography, you want people to be able to intercept your data. It's necessary for something like the internet to work, because packets of data have to be passed around the whole world, and it would suck if your packets got lost simply because someone read them in transit, which is why QKD is awful. If a single person reads the data packet in transit then they would effectively deny service to the recipient.

Both of these are real problems that don’t become meaningless just because one-time pads exist - you need to somehow securely distribute the keys for one-time-pad encryption.

One-time pad encryption is awful as I already explained, it would cut the entire internet bandwidth in half because if you wanted to transmit 10 gigabytes of data you would also need to transmit 10 gigabyte key. QKD is also awful for the fact that it would be unscalable to an "internet" because of how easy it is to deny service. It also doesn't even guarantee you can detect someone snooping your packets because it is susceptible to a man-in-the-middle attack. Sure, the Diffie-Hellman Key Exchange is also susceptible to a man-in-the-middle attack, but we solve this using public key infrastructure. You cannot have public key infrastructure for quantum cryptography.

The only proposed quantum digital signature algorithms are unscalable because they rely on Holevo's theorem, which basically says there is a limited amount of information about the quantum state of a qubit you can gather from a single measurement, thus creating a sort of one-way function that can be used for digital signatures. The issue with this is that Holevo's theorem also says you can acquire more information if you have more copies of the same qubit, i.e. it means every time you distribute a copy of the public key, you increase the probability someone could guess it. Public keys would have to be consumable which would entirely prevent you from scaling it to any significantly large network.

That’s why one-time pads aren’t used everywhere, (“it would cut the whole internet bandwidth in half overnight” would not have been a sufficient reason - that’d be a tiny price to pay for unbreakable encryption, if it actually worked).

You are living in fairy tale lala land. Come back down to reality. If you offer someone an algorithm that is impossible to break in a trillion, trillion years, and another algorithm that is in principle impossible to break, but the former algorithm is twice as efficient, then every company on the entirety of planet earth will choose the former. No enterprise on earth is going to double their expenses for something entirely imaginary that could never be observed in practice. You are really stuck in delulu town if you unironically think the reason one-time pads aren't used practically is due to lack of secure key distribution.

Even prior to the discovery of Shor's algorithm, we were issuing DHKE which, at the time, was believed to be pretty much an unbreakable way to share keys. Yet, even in this time before people knew DHKE could be potentially broken by quantum computers, nobody used DHKE to exchange keys for one-time pads. DHKE is always used to exchange keys for symmetrical ciphers like AES. AES256 is not breakable by quantum computers in practice as even a quantum computer would require trillions of years to break it. There is zero reason to use a one-time pad when something like AES exists. It's the industry standard for a reason and I bet you my entire life savings we are not going to abandon it for one-time pads ever.

[–] LonelyNematocyst 1 points 1 week ago

If you offer someone an algorithm that is impossible to break in a trillion, trillion years, and another algorithm that is in principle impossible to break, but the former algorithm is twice as efficient, then every company on the entirety of planet earth will choose the former. Some companies who pay a lot of money for bandwidth, maybe. "Any company"? Not a chance. Internet is cheap and companies routinely waste money in much more frivolous ways. And for stuff which sells on its security, e.g. messengers like Signal, the advertising value of "our encryption is mathematically unbreakable" would be well worth it. And plenty of individual nerds would opt into it just out of principle, being fully willing to cut their bandwidth in half for fuzzy feelings. Not even to mention military applications. You don't see such things in reality, because this is, unless I misunderstand something truly massive, impossible. You can't do unbreakable encryption over the network because you can't securely share the pad key. Yet, even in this time before people knew DHKE could be potentially broken by quantum computers, nobody used DHKE to exchange keys for one-time pads. Well yes, because that'd be incorrect - by sharing one-time-pad keys with DHKE you're reducing the security to that of DHKE, so you might as well drop the one-time-pad part and use an ordinary encryption algorithm instead.