Larger keys won't make the algorithms quantum-safe either.

Tostino · 2025-01-08T16:31:55 1736353915

If I'm not mistaken, larger keys require more qbits in a machine to all be coherent together to be able to break it.

So it would be a slight increase in complexity, but if we are able to build a machine with enough qbits to crack 1024 keys, I don't think the engineering is all that far off from slightly scaling things up 2x-10x.

dist-epoch · 2025-01-08T17:27:55 1736357275

Which is why post-quantum algos were invented.

TacticalCoder · 2025-01-08T18:40:39 1736361639

> Which is why post-quantum algos were invented.

Yup. And I don't even think quantum resistance was the goal of some of the algos that, yet, happen to be believed to be quantum resistant. Take "Lamport signatures" for example: that's from the late seventies. Did anyone even talk about quantum computers back then? I just checked and the word "quantum" doesn't even appear in Lamport's paper.

bawolff · 2025-01-08T20:19:48 1736367588

> Did anyone even talk about quantum computers back then?

Not unless they have a time machine. Shor's algorithm was discovered in the 90s (sure the concept of a quantum computer predates that, but i don't think anyone really realized they had applications to cryptography)