Re: QC-proof cipher?



Unruh wrote:
Ie, the search requires 2^256 queries of the encryption function if you
know what the plaintext is (known plaintext attack).

You don't need to know the plaintext, just be able to algorithmically
distinguish it from pseudorandom bits.

a way of getting it to evaluate the encryption function in a reversible
manner must be found (Probably not difficult).

Trivial. Building the computer is the only hard part here. That and the 2^256 complexity of the attack, of course.

-- Ben
.