How quantum physics can make encryption stronger | Vikram SharmaHe starts with scare stories about data breaches, including saying that the cyberthreat is now affecting our democrat processes because some Democrat National Committee emails were stolen.
Tuesday, March 27, 2018, 7:58 AM
As quantum computing matures, it's going to bring unimaginable increases in computational power along with it -- and the systems we use to protect our data (and our democratic processes) will become even more vulnerable. But there's still time to plan against the impending data apocalypse, says encryption expert Vikram Sharma. Learn more about how he's fighting quantum with quantum: designing security devices and programs that use the power of quantum physics to defend against the most sophisticated attacks.
Except that we don't actually know that a cyberattack had anything to do with those emails. It was widely reported that 17 intelligence agencies looked at this, but in fact none did, as the DNC refused to let the FBI look at the servers, presumably because they contained incriminating data.
Many also believe that DNC insider Seth Rich leaked those emails to WikiLeaks.
It also appears that these leaks improved our democratic processes because they exposed primary favortism and fundraising collusion within the DNC.
And his companies products would not be any help. He brags about a product that generates "true random numbers" by hardware, not software. And he raves about the potential of quantum key distribution.
His products and plans are nearly worthless. Random numbers are not hard. The following method has been around for 25 years or so. Flip a coin 160 times. Apply SHA-1 repeatedly to this bit string followed by a counter, to generate all the random numbers you want.
Quantum key distribution doesn't really solve any problems, because you need to replace all your routers with quantum computers, and because you cannot authenticate anything, and because it is nearly impossible to make equipment that matches the theoretial models.
He also repeats this nonsense that physical assurances of security are somehow better than mathematical assurances. He and others in this field like to say that they are relying on the laws of physics to be truly uncrackable, instead of math-based cryptography that has shown to be fallible again and again.
I can't think of a single example of a business or orgranization that suffered some loss because of a break in math-based cryptography, when the system was following generally accepted best practices. That goes for DES, RSA, SHA, DSA, ECDSA, etc. Systems have been broken because of bugs and implementation flaws and even hardware failures, but not from breaking the math.
On the other hand, the quantum key distribution devices have all been broken.
QKD theory will make assumptions like the device emitting a single photon with a particular frequency and polarization, and a detector will measure that photon's polarization. This sort of precision is physically impossible. You can emit light that is probably 0, 1, or 2 photons in approximately the right color and orientation. But you need special info that might leak info in a hardware attack.