[E-Lang] MintMaker with ACLs

Karp, Alan alan_karp@hp.com
Thu, 1 Feb 2001 12:17:42 -0800

The interesting thing about using quantum computing for factoring is that
the time needed is independent of the key size.  The space needed grows, but
only linearly in the key size.  Thus, longer keys don't help because it
takes as much time and space to use them as to break them.

Alan Karp
Principal Scientist
Decision Technology Department
Hewlett-Packard Laboratories MS 1U-2
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-6278

> -----Original Message-----
> From: Bill Frantz [mailto:frantz@communities.com]
> Sent: Wednesday, January 31, 2001 6:39 PM
> To: Ralph Hartley; e-lang@eros-os.org
> Subject: Re: [E-Lang] MintMaker with ACLs
> At 02:01 PM 1/31/01 -0500, Ralph Hartley wrote:
> >What would be the effect of quantum computation on the basic 
> design of 
> >security systems? It is clear that the effect would be 
> substantial, but 
> >would it be total? That is, could old principles and designs 
> still be 
> >used, with relatively small changes to block new threats and 
> exploit new 
> >possibilities, or would you have to basically start over 
> from scratch? 
> >Is the design of E one that would survive?
> >
> >Quantum computing would allow new threats to security, and new 
> >capabilities, some of which might be completely impossible in 
> >conventional computation.
> >
> >An example of a new threat would be the fact that quantum 
> computers are 
> >known to efficiently solve some problems believed to be very 
> hard for 
> >conventional computers. The most famous of these if factoring the 
> >product of two primes, but there are others. Anything that 
> relied on the 
> >difficulty of such a problem for its security would be compromised.
> All of the discrete log public key algorithms are isomorphic 
> to factoring,
> and so can be attacked by quantum computers.  I am not sure about the
> ecliptic curve algorithms, but I think they are also vulnerable.
> E uses public key algorithms for identifying vats, and for 
> encryption and
> message-authentication key agreement.  These functions will have to be
> replaced, or their security enhanced by using longer keys.  
> (I have a vague
> memory that the required key length is only painfully slow 
> with today's
> computers.  Please tell me if I am wrong.)
> _______________________________________________
> e-lang mailing list
> e-lang@mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/e-lang