Kevin Hoover, Facebook asked:
Will quantum security change online security?
Ross - Quantum computing appears to be somewhat stalled. It showed great promise back in the 1990s, when there was a prospect of algorithms that wouldn't allow people to factor large numbers quickly, and the Los Alamos report, which looked at the state of the art and prospects, said 10 years ago that within a decade, that is by now, we should have proper working quantum computers that we could use to explore architecture. But we're still stuck at the stage of messing around with machines with a maximum of 7 qubits. And now scientists are beginning to wonder why it is that quantum computing doesn't work as it promised, and this, with luck, may lead to breakthroughs in physics, but I don't see it as changing the world of cryptography any time soon.
Dave - So, by 7 qubits, you mean that they can factor a number up to 128?
Ross - Well in fact, the largest number they’ve been able to factor so far is 15.
Dave - Probably not that useful.
Ross - So, there's something missing there and what’s missing is a source of interesting research in its own right.
Likely the interesting research is classified. Governments will never let it see the light of day, like cold fusion or nanotech. Too many powerful people have too many trillions of dollars to lose. We are not free... not even close. yamo, Sun, 23rd Sep 2012
Nanotechnology is already out. As for quantum computing... I think China will be the first to crack that cookie. All I'm saying. johnab1, Sat, 12th Jan 2013
BB84 is better in the respect that an eavesdropper - rather than a man in the middle - can be detected imatfaal, Wed, 30th Jan 2013
Eavesdropper yes - he damages quantum states.
To detect/prevent man-in-the-middle you tend to rely on other techniques - whilst your interloper might have your optical fibre compromised, does he have the post, telephone, etc. as well? i.e. the man-in-the-middle is pretty much screwed if the first message is "remember to use the one-time pads to cypher and de-cypher even with the quantum encryption - use the pads I gave you at that party last year starting with number 25!" imatfaal, Tue, 5th Feb 2013
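The distinction drawn in the two posts above, as an added example that is not part of the thread: a classical toy simulation of BB84 (Python, standard library only) in which an intercept-resend eavesdropper pushes the error rate on the sifted key to about 25%, while an undisturbed run sifts with no errors; and, for the man-in-the-middle point, a keyed MAC on the public basis announcement standing in for the "pads from the party", so an attacker who owns the fibre but not the pre-shared secret cannot forge the classical sifting messages. The qubit model, the function names, the parameters and the pre-shared key are all assumptions of the example.

```python
import hashlib
import hmac
import random
from dataclasses import dataclass

# Added example (not from the thread): a classical toy simulation of BB84
# key sifting with an optional intercept-resend eavesdropper, plus a MAC on
# the public basis announcement.  A qubit is modelled as (basis, bit);
# measuring in the wrong basis returns a coin flip and leaves the qubit in
# the measuring basis, which is the disturbance that exposes Eve.
# All names, the pre-shared key and the parameters are assumptions.

Z, X = 0, 1                       # rectilinear and diagonal bases
PRESHARED_KEY = b"pads from that party, starting at number 25"  # assumed


@dataclass
class Qubit:
    basis: int
    bit: int


def measure(q: Qubit, basis: int, rng: random.Random) -> int:
    """Measure q in `basis`; a wrong-basis measurement randomises the bit
    and re-prepares the qubit in the measuring basis."""
    if q.basis != basis:
        q.basis = basis
        q.bit = rng.randrange(2)
    return q.bit


def run_bb84(n: int, eve: bool, seed: int = 1) -> dict:
    """Send n qubits Alice -> Bob, sift on matching bases and estimate the
    quantum bit error rate (QBER) over the sifted positions.  A real run
    would sacrifice only a random sample of sifted bits for this estimate."""
    rng = random.Random(seed)
    a_bits = [rng.randrange(2) for _ in range(n)]
    a_bases = [rng.randrange(2) for _ in range(n)]
    b_bases = [rng.randrange(2) for _ in range(n)]
    b_bits = []
    for bit, basis, bob_basis in zip(a_bits, a_bases, b_bases):
        q = Qubit(basis, bit)
        if eve:                                   # intercept-resend attack
            measure(q, rng.randrange(2), rng)     # Eve guesses a basis
        b_bits.append(measure(q, bob_basis, rng))
    sifted = [(a, b) for a, b, ab, bb in zip(a_bits, b_bits, a_bases, b_bases)
              if ab == bb]
    errors = sum(a != b for a, b in sifted)
    return {"sent": n, "sifted": len(sifted),
            "qber": errors / len(sifted) if sifted else 0.0}


def announce(bases: list, key: bytes = PRESHARED_KEY) -> tuple:
    """Alice's public basis announcement, authenticated with a pre-shared key
    so a man-in-the-middle cannot substitute his own sifting messages."""
    payload = bytes(bases)
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return payload, tag


def verify_announcement(payload: bytes, tag: bytes,
                        key: bytes = PRESHARED_KEY) -> bool:
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


if __name__ == "__main__":
    print("no Eve :", run_bb84(4000, eve=False))
    print("with Eve:", run_bb84(4000, eve=True))   # QBER close to 25%
    payload, tag = announce([Z, X, X, Z])
    print("genuine announcement verifies:", verify_announcement(payload, tag))
    print("substituted announcement verifies:",
          verify_announcement(bytes([X, X, X, X]), tag))
```

Eve guesses the wrong basis half the time, and each wrong guess gives Bob a random bit, so about a quarter of the sifted positions disagree; that is the signal the posts above refer to. The MAC does nothing for the quantum channel, which is the point: authenticating the classical messages is what stops the interloper who can also impersonate Bob, and it needs a secret shared some other way.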
Indeed, as I have written, beside the quantum channel the attacker would also need to control the classical ones ...
I see your point Jarek - although I think the eavesdropper is the primary concern.
Ciphertext-only attacks are just impossible against modern cryptosystems (...unless we get time-loop computers). They are designed to resist much stronger attacks, like adaptive chosen-plaintext attacks, where the attacker can adaptively feed the cryptosystem (using a fixed key) with chosen plaintext and observe the ciphertexts it produces to try to deduce the key.
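The adaptive chosen-plaintext setting described above, as an added example that is not from the thread: the standard IND-CPA game written as code. The adversary is given an encryption oracle under a fixed key, queries it as it likes, picks two messages, is handed the encryption of one of them and must say which. A scheme whose ciphertexts are deterministic loses the game to a one-query adversary; the same scheme with a fresh random nonce per message holds the adversary to coin-flip odds. The two toy schemes use SHA-256 in counter mode as a stand-in keystream generator so the example runs on the Python standard library; they illustrate the game and are not ciphers to deploy. Names and parameters are assumptions.

```python
import hashlib
import random

# Added example (not from the thread): the IND-CPA game.  An adversary with
# an encryption oracle for a fixed key submits two messages, receives the
# encryption of one, and must guess which.  Both toy schemes below derive a
# keystream from SHA-256 (a stdlib stand-in for a real PRF, not a cipher to
# deploy); they differ only in whether a fresh nonce is mixed in.


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """SHA-256 counter mode over (key, nonce): a stand-in PRF keystream."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def enc_deterministic(key: bytes, m: bytes) -> bytes:
    """Same key and same message always give the same ciphertext
    (the situation with ECB or a reused nonce)."""
    return xor(m, keystream(key, b"", len(m)))


def enc_randomised(key: bytes, m: bytes, rng: random.Random) -> bytes:
    """Fresh 16-byte nonce per message, sent in the clear ahead of the body."""
    nonce = rng.randbytes(16)                      # Python 3.9+
    return nonce + xor(m, keystream(key, nonce, len(m)))


class RepeatQueryAdversary:
    """Adaptive chosen-plaintext adversary: asks the oracle for E(m0) first,
    then compares the challenge ciphertext against that answer."""

    def choose(self, oracle):
        m0, m1 = b"attack at dawn!!", b"attack at dusk!!"
        return m0, m1, oracle(m0)                  # remember the oracle's E(m0)

    def guess(self, challenge: bytes, remembered_c0: bytes) -> int:
        return 0 if challenge == remembered_c0 else 1


def ind_cpa_game(encrypt, adversary, key: bytes, rng: random.Random) -> bool:
    """One round of the game; True if the adversary identifies the bit b."""
    oracle = lambda m: encrypt(key, m)
    m0, m1, state = adversary.choose(oracle)
    b = rng.randrange(2)
    challenge = oracle(m1 if b else m0)
    return adversary.guess(challenge, state) == b


def win_rate(scheme: str, trials: int, seed: int = 7) -> float:
    """Fraction of rounds the RepeatQueryAdversary wins against `scheme`
    ('deterministic' or 'randomised').  1.0 means a total break; 0.5 is
    no better than guessing."""
    rng = random.Random(seed)
    key = rng.randbytes(32)
    if scheme == "deterministic":
        encrypt = enc_deterministic
    else:
        encrypt = lambda k, m: enc_randomised(k, m, rng)
    wins = sum(ind_cpa_game(encrypt, RepeatQueryAdversary(), key, rng)
               for _ in range(trials))
    return wins / trials


if __name__ == "__main__":
    print("deterministic scheme, adversary win rate:", win_rate("deterministic", 1000))
    print("randomised scheme,    adversary win rate:", win_rate("randomised", 1000))
```

The adversary never learns the key; it wins against the deterministic scheme purely because the oracle's answers are repeatable, which is why "resists chosen-plaintext attack" for a modern cipher mode means more than "the key stays secret" and requires per-message randomness or a nonce that is never reused.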