Researcher Claims to Have Cracked RSA-2048 With Quantum Computer
Researchers are highly skeptical about the claim of another scientist who says that he has developed an inexpensive system to crack RSA encryption, the most commonly used public key encryption.
The researcher who claims to have cracked RSA is Ed Gerck. According to his LinkedIn profile, he is a quantum computing developer at a company that he founded called Planalto Research.
Most cryptographers think the most viable approach to break RSA and other crypto is to use Shor’s algorithm, invented by Peter Shor in 1994 – but it requires more powerful quantum computers than exist today.
Gerck says, and this is why most researchers doubt his claims, that his QC computations were done in a commercial cellphone or Linux desktop with a hardware cost of less than $1,000.
He claims that rather than using Shor’s Algorithm, he used a system based on quantum mechanics which can run off commercial hardware.
At this point, it is a bit of a standoff. Unless Gerck can prove that he can factor the large prime numbers used in RSA, very few people will believe that he has done what he claims.
On the other hand, the government is working feverishly on implementing post-quantum cryptography. That starts with understanding where all the crypto is – in hardware, software and firmware, so you can figure out what will eventually need to be replaced.
NIST has already proposed a number of post-quantum algorithms and they are being field tested right now.
Our adversaries have been collecting encrypted data for years now (as have we), waiting for the day when they can decrypt it. Some data will age out and be useless – that was the theory behind encrypting everything. In the early days, we only encrypted valuable data – which made it easy to figure out what to collect. Now that everything is encrypted at least with TLS (web traffic and email), that problem is harder.
The NSA wants to fully replace all non-quantum crypto in the next 10 years. While that seems to be a long time, it really is not given how hard the problem is.
If you have not started by taking inventory, you should start.
If you need help, please contact us. Credit: Data Breach Today