![]() ![]() One may say that quantum computers do not actually exist (not "true" QC, the kind which can eat RSA at breakfast), and when they exist (if that ever happens) then they will be very expensive at first. See this answer for examples of password entropy calculations. ![]() Say, aim for 120 bits of password entropy, and you should be all fine. In the context of password-based encryption of a file, where the key is (derived from) a password, you are in the "symmetric" world, so if you fear quantum computers then it "suffices" that you choose a password with twice as much entropy. Roughly speaking, an n-bit key offers resistance 2 n/2 against a QC (compared to 2 n for a classic computer). To put it in simple (and somewhat simplistic) terms:Ī quantum computer, if it ever exists, will totally break the most used asymmetric encryption and key exchange algorithms (RSA, ElGamal, Diffie-Hellman.) but not all asymmetric algorithms (QC does not break the concept of asymmetric encryption, only some of its incarnations).įor symmetric encryption, key space exhaustive search is faster, but still expensive. Actually quantum computers are not that much a threat for symmetric encryption. ![]()
0 Comments
Leave a Reply. |