If quantum computers advance to the point where they can defeat RSA, DSA, SHA (and really all existing classical public key encryption and/or authentication), then it appears that it would be impossible to make secure transactions on the internet.

It would be impossible to maintain the security of user accounts for social media, Amazon, eBay, online banking, etc. It seems that the economic repercussions of this would be catastrophic on a global scale.

What measures can be taken against attacks on cryptosystems by quantum computers?

At least for now, I see a big problem with giving an answer that involves saying we could just use quantum encryption algorithms. The main reason is that in order for the encryption to be effective, the end users would have to be in possession of a quantum encrypt/decrypt device. Not a problem for a bank or Amazon on their end, but a big problem for a guy trying to order a pizza on his smart phone.

If end users were not actually in possession of a small quantum computer, and instead used a cloud-based service to access a quantum device, an attacker could just target the last segment of the transaction (between a cloud service and their device).

For end users to possess quantum crypto devices one would need to bring the cost down to a few hundred dollars max or the average person would not be able to afford it. Right now most quantum systems are priced in the hundreds of thousands or millions of dollars range.

Also, all of the viable quantum systems I have seen run near absolute zero. I don't know of anyone who makes a dilution refrigerator the size of a AA battery. So you couldn't perform transactions on portable devices.

Is the only option then to classify all quantum crypto research until these problems can be solved?

The government has of course classified all kinds of research in the past when they felt it was necessary. Some of Von Neumann's early papers on computers were kept secret for years. A lot of practical research about nuclear energy was and still is kept secret. There are plenty of other examples. But you are right, eventually someone else will discover the information one way or another. – user4574 – 2018-07-01T00:34:02.890

The computing power of classical computers is growing at an exponential rate over time following Moore's law. One problem I see with making larger and larger keys is that the number of q-bits in quantum computers is likely to also follow Moore's law. Since quantum computers can solve exponentially larger problems as the number of q-bits grows, the growth in computational power over time of quantum computers is likely to be an exponent of an exponent. At some point you won't be able to make a classical computer that can handle the key size you would need. – user4574 – 2018-07-01T00:45:13.797

@user96037: Classifying research is different from banning it, like your title suggests. And as for a quantum version of Moore's law, I'm not worried. You can always make a key size large enough that it should stand secure for the next 50 years. It might be HUGE, but it's always possible. Furthermore, as my answer suggests, you can also abandon public key cryptography and then quantum computers just give a square root speed-up on an exponentially growing cost, which means they are not really a threat there either. – user1271772 – 2018-07-01T01:11:20.707