With the latest revelation from Google about Quantum Computing, I would like to know how safe are we with Airvpn? What is the best encryption method and how do we implement it?

Link to post

What we're using right now, possibly ChaCha20 for embedded devices in the future.

We have no chance against quantum computers with classic cryptography, but quantum cryptography is being developed parallel to the computer itself. Right now, though, quantum computers are a great research project good for one use only: Eating up energy :D


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Link to post

Agreed with giganerd. Google's milestone in quantum computing doesn't mean the fall of classic cryptography yet. Quantum computing is extremely new and usually happens in the research lab. It will stay in the research lab for good reason. New technology that comes out of R&D will likely be released to the professional/consumer market 10, 20 or 30 years later. The major factors are that they are extremely high cost, use materials that contribute to higher cost, and are likely to consume much energy, which is not feasible with the current climate. For now, they need to develop a way to bring the cost down and improve the efficiency, which will take a long time. Remember the news about carbon nanotubes? The ones that can be used as logic gates in the CPU, why are we not seeing that in the professional and consumer market? That's because carbon nanotubes have a very extensive, expensive production process that produces a small yield. Again, we will not see carbon nanotubes in the consumer market for a long while until they figure out a way to bring the cost down and produce a higher yield.

For now we are safe with the current encryption method. By the time quantum computing is viable for governments (later pro/consumer market) to use, quantum-resistant encryption will be out and ready to use. We have the time to get to that point. For now, don't freak out and just mellow out for a bit.

Link to post
On 10/24/2019 at 7:45 PM, sun_day said:

With the latest revelation from Google about Quantum Computing, I would like to know how safe are we with Airvpn? What is the best encryption method and how do we implement it?


Hello!

Your message is from 2019 and in the meantime new challenges and problems arose in quantum computing, but anyway we have an important update. We offer WireGuard with per-client pre-shared key for post-quantum resistance, so we're ready, in the extremely unlikely event that a powerful quantum computer could work effectively during our lifetime. WireGuard pre-shared key is offered by default, you don't need any specific action.

Kind regards
 

Link to post
On 2/16/2023 at 10:18 AM, Staff said:

Hello!

Your message is from 2019 and in the meantime new challenges and problems arose in quantum computing, but anyway we have an important update. We offer WireGuard with per-client pre-shared key for post-quantum resistance, so we're ready, in the extremely unlikely event that a powerful quantum computer could work effectively during our lifetime. WireGuard pre-shared key is offered by default, you don't need any specific action.

Kind regards
 


Thanks air. Noticed the server status page now says:
 
WireGuard Ciphers: ChaCha20-Poly1305, Post-quantum resistance

So came looking for an explanation. Is there going to be an official announcement in the announcement thread?

Link to post
@kbps

Hello!

Not really, because the feature is included in our WireGuard setup since the very beginning, when we offered WireGuard as a beta feature some years ago. If you want more information, please see here:
https://www.wireguard.com/protocol/

In this way we can implement a cipher recognized as quantum-resistant if needed, according to our customers' requests. You may ask: why don't you pick one PQ cipher right now? You already configured the most part!

We have excellent reasons not to do so right now:
  1. It's premature. In spite of the hype, currently a quantum computer doesn't work for any practical purpose to break even the weakest encryption algorithm and in the last 40 years or so the expected date to have a working quantum computer capable of performing something more than basic arithmetic has been shifted decade after decade. Research has progressed more slowly than ultra-optimists expected. To break RSA 2048 in a reasonable time a rigorous simulation shows that you need at least 1 million (probably up to 10 million) physical qubits (you probably need at least 10'000 logical qubits, and due to the astronomically high error rate of qc, to rely on them you need ~ x100 physical qubits). Nowadays the biggest companies are struggling to beat 433 logical qubits qc (IBM promised 1000 logical qubits machine within the beginning of 2024).
  2. It hits performance. Some promising PQ ciphers use 64 KB or larger public and private keys and you will notice a performance hit if you have a Gbit/s line and you're used to the high performance our infrastructure is normally capable of providing. The load both on server and client will increase.
  3. It exposes our customers to unnecessary risks. Post-quantum algorithms are far less well-studied. Any PQ algorithm that today is considered safe can be compromised tomorrow by "classical" computers. It happened already to SIKE, which before the spectacular fall was considered one of the strongest and best algorithms for Diffie-Hellman key exchange in a post-quantum world. It was cracked in a matter of hours a few months ago with a program running in a single thread of a single core of a desktop CPU. SIKEp434 was broken within approximately an hour, SIKEp503 cracking required 2 hours, SIKEp610 8 hours and SIKEp751 21 hours. See also https://www.securityweek.com/nist-post-quantum-algorithm-finalist-cracked-using-classical-pc/

So, we have the infrastructure ready to add a PQ cipher, when and above all if it will be necessary, without exposing you to risks of cracking by classical computers and/or "performance hit for nothing".

Kind regards

 

Link to post
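The pre-shared-key step from the WireGuard protocol page linked in the post above, as an added Python example (not AirVPN's or WireGuard's own code): it shows why a recorder who later recovers every Diffie-Hellman result still cannot derive the data keys without the PSK. The chaining key and PSK are constructed sample values, and the names `transport_keys` and `attacker_matches` are hypothetical.

```python
import hashlib
import hmac


def _hmac(key: bytes, data: bytes) -> bytes:
    # WireGuard's HMAC is HMAC over BLAKE2s with a 32-byte output.
    return hmac.new(key, data, hashlib.blake2s).digest()


def kdf(key: bytes, data: bytes, n: int) -> list:
    """KDFn from the protocol page: HKDF-style extract, then n chained outputs."""
    t0 = _hmac(key, data)
    out, prev = [], b""
    for i in range(1, n + 1):
        prev = _hmac(t0, prev + bytes([i]))
        out.append(prev)
    return out


NO_PSK = bytes(32)  # the protocol mixes 32 zero bytes when no PSK is configured


def transport_keys(chain_after_dh: bytes, psk: bytes = NO_PSK):
    """Mix the PSK into the chaining key, then derive the two data keys."""
    chain, _tau, _kappa = kdf(chain_after_dh, psk, 3)
    send_key, recv_key = kdf(chain, b"", 2)
    return send_key, recv_key


# Constructed sample values (assumptions for this example, not real keys).
# CHAIN_AFTER_DH stands in for the chaining key after all DH results are mixed,
# i.e. everything that breaking Curve25519 would let a recorder recompute.
CHAIN_AFTER_DH = hashlib.blake2s(b"constructed chaining key after DH steps").digest()
PSK = hashlib.blake2s(b"constructed per-client pre-shared key").digest()


def attacker_matches(psk_in_use: bytes) -> bool:
    """Model a recorder who knows every DH output but never had the PSK."""
    real = transport_keys(CHAIN_AFTER_DH, psk_in_use)
    guess = transport_keys(CHAIN_AFTER_DH, NO_PSK)
    return all(hmac.compare_digest(r, g) for r, g in zip(real, guess))


if __name__ == "__main__":
    print("no PSK, DH recovered  -> data keys recovered:", attacker_matches(NO_PSK))
    print("PSK set, DH recovered -> data keys recovered:", attacker_matches(PSK))
```

The protection holds only while the PSK itself stays secret and is delivered over a channel that does not depend on the key exchange it is meant to back up.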

There is absolutely no sense to worry $today about quantum computers. From what I was able to read, the most expensive one built barely computed a square root of a small number, which you could easily do in your head. The research is now blocked at something else than adding qubit capacity to chips - for example, there is no good known method to have error correction or data validation with a quantum computer. In simple words, if you give it an operation to compute that is too advanced for a regular computer nowadays, and the quantum computer reaches a result, there is no good clear way to actually know if that result is accurate. This is a more complex problem than you might think, because we live in a universe where anything can be in one place at a given time. Qubits tend to manipulate this assumption, and change "position" when queried, thus making an error verification algorithm hard to come up with. Many people (much smarter than me) are convinced it's quite impossible to work... we'll see how it evolves in time, it's a nice research project.

Link to post