cross-posted from: https://lemmy.world/post/2112774

There’s a growing concern that “bad-actors” are amassing troves of encrypted data, and storing it away for possible future decryption using quantum computers. Many services have put in efforts to make certain that their encryption algorithms are “quantum-safe”, so as to protect against such attacks. Has Matrix done the same?

  • Platform27@lemmy.ml
    link
    fedilink
    arrow-up
    25
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Until quantum computers actually exist, I wouldn’t believe a lot of the marketing you hear about “quantum encryption “. Every time I think about this subject I think about that case where their “quantum encryption” was broken, by a regular (decade old) computer, within an hour:

    https://www.theregister.com/2022/08/03/nist_quantum_resistant_crypto_cracked/

    Right now it’s all marketing, with some nice research. Right now we need regular, actually useable encryption.

  • The Bard in Green@lemmy.starlightkel.xyz
    link
    fedilink
    arrow-up
    15
    ·
    edit-2
    1 year ago

    I don’t 100% agree with the poster that said it’s all hype. Is it a very young technology? Yes. Is more testing needed? Yes. But while some new algorithms have been found to be vulnerable, as per @Platform27’s linked article, others have been heavily tested.

    That same year, NIST actually selected an encryption method called Kyber CRYSTALS, which is so far, a safe algorithm. One implementation of Kyber has been found to be be vulnerable to side channel attacks:

    https://therecord.media/a-key-post-quantum-algorithm-may-be-vulnerable-to-side-channel-attacks

    IF you have a big ass neural network and time / expertise to spend training it. But that was just that one implementation. Other people are trying to attack this algorithm (and there are rewards / bounties out there to incentivize research) and so far it’s solid. Cloudflare offers it as an encryption option, and Microsoft has build an OpenVPN implementation that can leverage it (my company is planning to offer it to our customers as part of a VPN solution as well).

    I think the Quantum Skeptics are going to be right until they’re wrong, just like the people who thought something like GPT-4 was 5-10 years away… until suddenly it wasn’t and I applaud you thinking about it at this stage.


    So, let’s answer your question. Is Matrix’s encryption quantum safe? The answer is… Maybe. Or at least “partly.”

    Matrix uses something called a “double ratchet” encryption solution, which is interesting in that it starts with asymmetric encryption, using a variant of your standard Diffie Hellman PKE (which is EXACTLY the kind of encryption that is vulnerable to Shor’s algorithm - aka NOT quantum safe) but then it uses that to “ratchet” to a symmetric encryptions scheme (which are NOT KNOWN to be vulnerable to quantum algorithms). I emphasize the “not known” because who knows what kind of witchy magic nonsense is hiding in quantum enabled mathematics (and might be too complex for humans to handle and only uncovered by future LLMs leveraging quantum processors). We just don’t know. We DO know that some post quantum crypto schemas specifically cannot be cracked by quantum processors (but then they might turn out to be vulnerable to conventional processors lulz).

    So Matrix is sort of quantum safe (but only because it leverages symmetric encryption, NOT because it leverages true post quantum asymmetric encryption). And it has to fall back on regular old, quantum vulnerable Diffie Hellman exchanges as to negotiate the initial key exchange… and if you can crack those, you might be able to extract the symmetric keys and then decrypt the symmetric encryption layer… IDK how feasible that would be, we’ll need an ACTUAL professional cryptographer to weigh in on that question… I’m just a netsec guy.

  • ExtremeDullard@lemmy.sdf.org
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    1 year ago

    Can you predict the future and what decryption technology will be available then?

    If you’re that worried and what you say is that sensitive, assume it will be compromised one day.