Is bank account encryption resilient to Shor’s algorithm?
Shor’s algorithms could be applied to break RSA encryption: http://web.archive.org/web/20121115112940/http://people.ccmr.cornell.edu/~mermin/qcomp/chap3.pdf.
How are financial institutions planning for the day when there will be no secrets?
The question could be posed: are they even planning for it…? But, at least, it seems that some other entities are working on this – researchers from Microsoft claim that they have developed a quantum-proof encryption scheme which requires only a 21% overhead (in their tests). Interestingly, their method appears to rely on the NP-Hardness of the Shortest Vector Problem (SVP), so perhaps the door is not quite closed.
Article from Technology Review
Microsoft’s paper
Ring Learning with Errors Problem (Wikipedia)
I believe recently NIST has done efforts to move towards quantum proof cryptography , I believe will change their algorithms in the future to quantum proof. Although I am pretty skeptical that they would do it in the short term, since the cost to change the whole banking hash algorithm would be inappropriately large.
A fair question @Marcos, nevertheless the reality goes in a different direction.
While Shor’s Factoring can provide a method to open the cryptographically-protected content, there are other means that protect the content in parallel, so the whole task is not just to decipher a block of cryptic data ( if one already has a QC-engine ready & available to use for such trivial task, ehm, attack … ).
On the other hand, banks have much bigger issues recently — to meet all mandatory parts of the all moving regulatory rules ( which on it’s own becomes harder and harder throughout the last decade )
At the same time, banks know how to handle externalities of this sort. Banks do handle “broken protection” on a regular basis — false banknotes, credit/debit card frauds, various publicly discussed and privately kept IT/IS attacks’ based losses, different types of so called white-collar criminality or other cases of a brute-force robbery, so they have both steps and measures to live with the fact the levels of protection are balanced with losses they observe.
Ultimate protection does not mean a golden bullet or a sure option. It has to have balanced a costs/benefits ratio. Protecting ad-infinitum accrues CAPEX/OPEX costs that even a Cold War MIL-STD crypto systems have to fix federal budgeting resources for some 50+ years to cover and survive with.
Hello @Marcos!
The first thing we need to realize before throwing your computer out of the window or be concerned about your privacy is this:
- Shor’s algorithm literally works, but you need a flawless quantum system, which we are very far from achieving.
- We have something called ‘BB84’ protocol which with his scheme of encryption, no fully flawless quantum computer could break (the encryption).
- Moreover, when ‘Quantum Computers’ would be that mainstream so that hackers could use it for hacking, the ‘BB84’ protocol would be installed a long time before on the ‘Banks’ or any other organization computers.
For now, I can’t possibly see a way that banks could improve their security; well, not until quantum computers could be used by them.
Thanks for the question’, and I hope I could help you find the right answer.
Sincerely, xelopden!
