SciAm reports:
This demonstration of his recently discovered laws of perspective is said to have occurred sometime between 1415 and 1420, if his biographers are correct. The use of the laws of perspective amazed bystanders, altered the course of Western art for more than 450 years and, more recently, led to mathematical discoveries that enable elliptic curve cryptography. This is the security scheme that underpins Bitcoin and other cryptocurrencies and has become a fast-growing encryption method on other Internet platforms as well.

The article explains how the above art inspired projective geometry over the next few centuries.
You would think that Microsoft and Google would be able to quickly adapt to a superior software technology, but that has not happened.
Elliptic curve cryptography is a relative latecomer to the encryption game. The first suite of tools did not appear until 2004, far too late to become a standard for the Web but early enough to be adopted by the inventors of Bitcoin, which launched in 2009.

Current thinking is to abandon elliptic curve cryptography and switch to new quantum-resistant protocols.

Its status as the de facto standard for cryptocurrencies made people more familiar with it and more comfortable implementing it, although it still lags behind RSA encryption, the standard method in use today, by a wide margin.
Yet elliptic curve cryptography has distinct advantages over RSA cryptography: it provides stronger security per bit and is faster than RSA. An elliptic curve cryptographic key of just 256 bits is roughly as secure as a 3,072-bit RSA key and considerably more secure than the 2,048-bit keys that are commonly used.
The trouble is, if the industry could not switch from RSA to ECC, how will it switch to quantum-resistant?
ECC is superior to RSA in every respect, except compatibility with ancient systems. ECC is faster, more secure, less error-prone, and smaller. The new quantum-resistant methods will be worse in all of those respects, except that they will supposedly resist some quantum computer that might be built in 50 years.
Most people think that non-Euclidean geometry means curved manifolds, such as a sphere or hyperbolic space. But the original non-Euclidean geometry was projective geometry. Projective geometry also indirectly led to the discovery of relativity.
Think of it this way. A geometry can be defined by the formula for the distance between two points. On a more elementary level, a geometry can be defined by what its lines are. In special relativity, the light rays are the lines of particular interest, and they are not the lines of Euclidean geometry.
I agree, the breathless headlong rush to change over to completely unproven "post-quantum" ciphers is extremely foolhardy! The existing public key ciphers we have have withstood tons of collaborative scrutiny and constant attack, and the mathematics behind them are well studied and understood. Not so with all these new-fangled "post quantum" ciphers that are created and understood by a few. I do know that in many encoding schemes, sometimes when you try to increase entropy (i.e. randomness or uncertainty) by performing some algorithmic computation on your data, you actually end up inadvertently DECREASING the entropy. An instance of this would be trying to encipher a plain text message multiple times with a single cipher. The layman would say "well see there, that just scrambles things up even more!", while in reality it opens up vulnerabilities! Indeed something like this could occur with these new cockamamie post quantum schemes. This is much better understood with the standard number theoretic ciphers we all use now. Also, if I'm wrong (you see, I can hypothetically accept that possibility, unlike zany dogmatic types like Scott Aaronson), there is the McEliece cipher that can be used in the event "quantum computing" is realized. That is lattice based encryption and is not based on number theoretical NP-indeterminate problems for its security (what RSA and ECC use). That would make it resistant to the supposed sped up cryptanalytic algorithms that could supposedly be run on a quantum computer. The McEliece cipher has been around a while, and while not perfect, I would jump to that in case of a huge "quantum" emergency situation. But I always like to joke that "OTP is my post quantum cipher suite" (OTP being "one time pad"). That jocular statement tends to enrage the quantum weenies quite a bit.
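The commenter's point about enciphering a message several times with a single cipher, as an added example that is not part of the post or of the comment: using a Vigenère shift cipher as the stand-in, applying the same key n times is still just one Vigenère encryption with a derived key (so it is no harder to break than a single pass), and 13 passes of a key whose shifts are all even hand back the plaintext. The cipher, the keys and the sample message are constructed for illustration.

```python
from itertools import cycle
from math import gcd

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def vigenere(text, key):
    """Vigenère encryption: shift each letter by the cycled key letter; non-letters pass through."""
    shifts = cycle(ALPHABET.index(c) for c in key.upper())
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + next(shifts)) % 26])
        else:
            out.append(ch)
    return "".join(out)


def encrypt_n_times(text, key, n):
    """Re-encipher with the same key n times ("scrambles it up even more")."""
    for _ in range(n):
        text = vigenere(text, key)
    return text


def equivalent_single_key(key, n):
    """n passes with `key` equal ONE pass whose shifts are n times the original shifts (mod 26)."""
    return "".join(ALPHABET[(ALPHABET.index(c) * n) % 26] for c in key.upper())


def compose_keys(key_a, key_b):
    """Encrypting with key_a then key_b is also one Vigenère pass, with a key of length lcm(|a|, |b|)."""
    length = len(key_a) * len(key_b) // gcd(len(key_a), len(key_b))
    ka = cycle(ALPHABET.index(c) for c in key_a.upper())
    kb = cycle(ALPHABET.index(c) for c in key_b.upper())
    return "".join(ALPHABET[(next(ka) + next(kb)) % 26] for _ in range(length))


if __name__ == "__main__":
    msg = "ATTACK AT DAWN"  # constructed sample plaintext
    # Three passes with LEMON collapse to a single pass with a derived key: nothing gained.
    print(encrypt_n_times(msg, "LEMON", 3), "==", vigenere(msg, equivalent_single_key("LEMON", 3)))
    # Key CE has shifts 2 and 4; 13 passes multiply them to 26 and 52, i.e. shift 0: the plaintext is back.
    print(encrypt_n_times(msg, "CE", 13))
    # Chaining two different keys is still a single Vigenère pass, so any single-pass attack applies unchanged.
    print(vigenere(vigenere(msg, "LEMON"), "KEY"), "==", vigenere(msg, compose_keys("LEMON", "KEY")))
```

The same closure-under-composition property is why stacking passes of one such cipher family never replaces switching to a cipher with a different security argument.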
My guess is that the USA govt will switch to quantum resistant cryptography, and encourage everyone else to switch, but few will until RSA and ECC are broken.
Let's hope the contractor who gets the contract to patch federal TLS systems with "post quantum ciphers" isn't the same one that did the Obongocare website.