Re: QC-proof cipher?
- From: Peter Fairbrother <zenadsl6186@xxxxxxxxx>
- Date: Tue, 23 May 2006 21:47:52 +0100
Paul Rubin wrote:
> Peter Fairbrother <zenadsl6186@xxxxxxxxx> writes:
>> Does anyone know of a secure symmetric cipher which is known to be
>> resistant to quantum computation techniques?
>
> "Known"? There isn't even a symmetric cipher "known" to be resistant
> to conventional computation techniques, let alone quantum computing.

I realise that. Perhaps I misspoke. If we want to be picky, there is only
one "secure" symmetric cipher too, OTP.

> What are you really asking?

Isn't it obvious? I'm looking for a symmetric cipher (or even a hash)
designed with resistance to QC in mind.

I'd like a reasonable level of assurance. AES level would be good but almost
certainly not available, even hasty-pudding-level would be good - but
designed under the assumption that qc's are available to the attacker.

I'm preferably looking for something around 512 bits key and 512 bits block
size, for long-term future-proofing.

I'm not getting into the question of whether QC's will exist, or when, just
whether anyone has designed a half-decent or better cipher with resistance
to QC techniques in mind.