If Alice and Bob have a secure channel for key exchange and Mallory doesn't man-in-the-middle attack them, but in the future eavesdrops on their connection and sees the key exchange, can Mallory break it like RSA with a quantum computer?
Asked
Active
Viewed 6,111 times
7
-
1While the title (after moving is at the beginning) makes a good question, the body has problems: it is assumed "a secure channel for key-exchange", when I think it should be assumed "an insecure channel over which it is performed Diffie-Hellman key exchange"; also "in the future eavesdrop connection and see the key exchanged" likely should be "eavesdrops the messages in a key exchange, and saves that for attack in the future". Ah and only Alice gets caps :-) – fgrieu Dec 07 '12 at 11:28
1 Answers
14
A quantum computer solves the discrete logarithm problem for both finite fields and elliptic curves. Being able to efficiently calculate discrete logarithms implies being able to break Diffie-Hellman, so Diffie-Hellman on either of them is not secure against an adversary who owns a large quantum computer.
There might be other groups in which DL problem is hard even against a quantum computer, but I've never heard of such a group.
CodesInChaos
- 24,841
- 2
- 89
- 128
-
-
2@mary Leave that to your other question, and don't ask new questions in comments. – CodesInChaos Dec 07 '12 at 11:32
-
Is there a paper you know that talks about the quantum algorithm you mention in more detail? – ions me Nov 01 '22 at 22:44
-
@IonSme It's called Shor's algorithm and can break RSA/factoring, DLP, EC-DLP. – CodesInChaos Nov 02 '22 at 08:02