Busted! Internet Community Caught Unprepared

Internet Security (TLS) is no longer safe. That green HTTPS word, the golden padlock, all lies. The beneficiaries: trusted third parties who charge for certificates. Yes, it sounds like a scam, but not one actively peddled, this one is from complacency from the people who oversee the standards of the internet. Is there bribery involved? Who knows.

A month ago, there were no problems with TLS. Because it was only the 6th of October when a paper was published which paves the way to build machines which can break TLS. Update: Now a whole Q-computer architecture has been designed publically (what has been done privately?), and can be built under $1B. These machines are called Quantum Computers. So where’s the scam?

The nerds behind the Internet, knew long ago about the threat of developing such a machine. They also knew that new standards and processes could be built unbreakable even by a Quantum Computer. But what did they do? They sat on their hands.

I predicted in 2010 that it would take 5 years before a Quantum Computer would be feasible. I wasn’t specific about a mass production date. I was only 4 months out. Now it’s feasible for all your internet traffic to be spied on, including passwords, if the spy has enough money and expertise. But that’s not the worst part.

Your internet communication last year may be deciphered also. In fact, all of your internet traffic of the past, that you thought was safe, could be revealed, if an adversary was able to store it.

I wrote to Verisign in 2010 and asked them what they were doing about the looming Internet Emergency, and they brushed my concern aside. True, users have been secure to date, but they knew it was only a Security Rush. Like living in the moment and getting drunk, not concerned about tomorrow’s hangover, users have been given snake oil, a solution that evaporates only years later.

All of these years, money could have been poured into accelerated research. And there are solutions today, but they’re not tested well enough. But the least that could be done is a doubling of security. Have both the tried and tested RSA, as well as a new theoretically unbreakable encryption, in tandem.

Why is there still no reaction to the current security crisis? There are solid solutions that could be enacted today.

Updates

  • 2018-08-05: “If you have a secret today, don’t encrypt it with RSA if you believe quantum computing is coming.” —Matthias Troyer, Microsoft. see https://spectrum.ieee.org/view-from-the-valley/computing/hardware/quantum-computing-researchers-on-the-pace-of-development-managing-a-quantum-group-and-the-end-of-bitcoin
  • 2018-01-02: What if Shor’s algorithm isn’t optimal? What if the factors can be found using fewer Qubits? What if there is a completely different algorithm? Although Governments may already have a Quantum Computer with many more Qubits than expected, lowering the requirement is another way to advance quickly.
  • 2017-12-12: “applications in fields such as drug design and catalyst development are likely to materialize sooner, as they’re able to make use of smaller quantum computers with hundreds of qubits, compared to the thousands required to break cryptography” https://arstechnica.com/gadgets/2017/12/microsofts-q-quantum-programming-language-out-now-in-preview/
  • 2017-11-16: “We’re going to look back in history and say that [this five-year period] is when quantum computing emerged as a technology” “Gil believes quantum computing turned a corner during the past two years. Before that, we were in what he calls the era of quantum science” “But 2016 to 2021, he says, will be the era of “quantum readiness,” a period when the focus shifts to technology that will enable quantum computing to actually provide a real advantage”
  • 2017-06-29: Qubits hold superposition of two states. Quadits hold more than two, requiring less Quantum entangled particles. Less particles means less chance of decoherence and therefore earlier date of seeing a Quantum Computer silently cracking the internet’s encrypted secrets. If not already. see http://spectrum.ieee.org/tech-talk/computing/hardware/qudits-the-real-future-of-quantum-computing
  • 2017-05-26: “In a recent commentary in Nature, Martinis and colleagues estimated that a 100-million-qubit system would be needed to factor a 2,000-bit number—a not-uncommon public key length—in one day.” see http://spectrum.ieee.org/computing/hardware/google-plans-to-demonstrate-the-supremacy-of-quantum-computing
  • 2017-02-21: Here’s a great video which explains Quantum Computing and the maths behind it. They don’t quite realise the security threat today, but that’s ok, it’s a great video – https://www.youtube.com/watch?v=IrbJYsep45E
  • 2017-02-03: A feasible Q-computer architecture has been designed, with thorough public critique. see http://theconversation.com/how-we-created-the-first-ever-blueprint-for-a-real-quantum-computer-72290
  • 2016-07-09: Apparently Google heard me – http://arstechnica.com/security/2016/07/https-crypto-is-on-the-brink-of-collapse-google-has-a-plan-to-fix-it/. They’re focusing on the PQC named “Ring Learning With Errors”.
  • 2016-03-29: Another breakthrough reducing the amount of locial blocks for a swap. It’s clear that there’s a lot of interest and investment in Quantum Computing. Will this create an exponential cycle of discovery and additional funding/interest? Will Drug companies start to invest directly and more strongly? see http://www.cio.com.au/article/596836/quantum-computing-now-big-step-closer-thanks-new-breakthrough/

One thought on “Busted! Internet Community Caught Unprepared”

Leave a Reply

Your email address will not be published. Required fields are marked *