There a number of security assumptions in *nix and WindowZ operating systems with regard to passwords, encryption and more. Do these assumptions fail on a Quantum computer (that we have yet to see)? I have not yet seen a discussion of an OS that is crypto strong to deploy on quantum hardware that is well capable of cracking oldschool encryption mind set assumptions. I am not sure Quantum hardware qualifies as a primary CPU for the OS but it might. Is it sufficient to toss any older encryption method that is not quantum resistant and replace with resistant methods? Even as an IO channel slave device they are potentially able to amplify a modest exploit (as are GPU devices today) but more so. Are people thinking about the OS side of this? Thanks, Tom -- T o m M i t c h e l l _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography

Den fre 3 maj 2019 03:42Tom Mitchell <mitch@niftyegg.com> skrev: > There a number of security assumptions in *nix and WindowZ > operating systems with regard to passwords, encryption and more. Do these > assumptions fail on a Quantum computer (that we have yet to see)? > (First of all, disclaimer: I'm not an expert on this. The information below is a summary of what I've read about quantum computers so for.) The typical quantum computer won't run an OS in the quantum components. They'll just repeat the same algorithm over and over. Every construction proposed so far uses classical computers, qubit hardware (superconductors, suspended electrons, etc), something that link together the qubits, and control hardware. From an algorithmic perspective, the quantum setup is treated as a blackbox function. They don't really have an equivalent for continous threads/processes (yet, if ever). The internal state loses the quantum properties when you read it out. The classical computer programs the qubits via the control hardware, then performs a readout, checks the results, starts over if the result isn't correct. > I have not yet seen a discussion of an OS that is crypto strong to deploy > on quantum hardware that is well capable of cracking oldschool encryption > mind set assumptions. > I am not sure Quantum hardware qualifies as a primary CPU for the OS but > it might. > I can note that in the case of actual networked quantum computers and quantum information networks (communicating by entangled photons, etc), there are indeed classical algorithms otherwise assumed secure that fail, because the act of linking two quantum computers expose more private information than classical communications would expose. Quantum key recovery on AEZ: https://eprint.iacr.org/2017/767.pdf Is it sufficient to toss any older encryption method that is not quantum > resistant and replace with resistant methods? Even as an IO channel slave > device they are potentially able to amplify a modest exploit (as are GPU > devices today) but more so. > As seen above, if you have quantum communications, then no. Otherwise, if you're only communicating the results of symmetric algorithms and other quantum resistant algorithms with classical communications, then yes. > Are people thinking about the OS side of this? > > Thanks, > Tom > > > > -- > T o m M i t c h e l l > _______________________________________________ > The cryptography mailing list > cryptography@metzdowd.com > http://www.metzdowd.com/mailman/listinfo/cryptography _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography

On Fri, May 3, 2019 at 2:01 AM Natanael <natanael.l@gmail.com> wrote: > > > Den fre 3 maj 2019 03:42Tom Mitchell <mitch@niftyegg.com> skrev: > >> There a number of security assumptions in *nix and WindowZ >> operating systems with regard to passwords, encryption and more. Do these >> assumptions fail on a Quantum computer (that we have yet to see)? >> > > (First of all, disclaimer: I'm not an expert on this. The information > below is a summary of what I've read about quantum computers so for.) > > The typical quantum computer won't run an OS in the quantum components. > They'll just repeat the same algorithm over and over. > > Every construction proposed so far uses classical computers, qubit > hardware (superconductors, suspended electrons, etc), something that link > together the qubits, and control hardware. From an algorithmic perspective, > the quantum setup is treated as a blackbox function. > ..... > Quantum key recovery on AEZ: https://eprint.iacr.org/2017/767.pdf > >> >> Thank you. It seems that the early hardware will be connected to cloud hardware. That does make the cloud host a target, from inside or outside. Black boxes ;-) So it seems prudent to tighten up cloud OS systems and policy yesterday knowing how long it takes to retire a cryptographic method and how quickly hardware can be connected to a cloud system. Key management will be interesting. Thank you > -- T o m M i t c h e l l _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography