Is bank account encryption resilient to Shor’s algorithm?

Shor’s algorithms could be applied to break RSA encryption: http://web.archive.org/web/20121115112940/http://people.ccmr.cornell.edu/~mermin/qcomp/chap3.pdf.

How are financial institutions planning for the day when there will be no secrets?

 

Add Comment
3 Answer(s)

The question could be posed: are they even planning for it…? But, at least, it seems that some other entities are working on this – researchers from Microsoft claim that they have developed a quantum-proof encryption scheme which requires only a 21% overhead (in their tests). Interestingly, their method appears to rely on the NP-Hardness of the Shortest Vector Problem (SVP), so perhaps the door is not quite closed.
Article from Technology Review
Microsoft’s paper
Ring Learning with Errors Problem (Wikipedia)

Add Comment

I believe recently NIST has done efforts to move towards quantum proof cryptography , I believe will change their algorithms in the future to quantum proof. Although I am pretty skeptical that they would do it in the short term, since the cost to change the whole banking hash algorithm would be inappropriately large.

Answered on May 11, 2016.
Add Comment

A fair question @Marcos, nevertheless the reality goes in a different direction.

While Shor’s Factoring can provide a method to open the cryptographically-protected content, there are other means that protect the content in parallel, so the whole task is not just to decipher a block of cryptic data ( if one already has a QC-engine ready & available to use for such trivial task, ehm, attack … ).

On the other hand, banks have much bigger issues recently — to meet all mandatory parts of the all moving regulatory rules ( which on it’s own becomes harder and harder throughout the last decade )

At the same time, banks know how to handle externalities of this sort. Banks do handle “broken protection” on a regular basis — false banknotes, credit/debit card frauds, various publicly discussed and privately kept IT/IS attacks’ based losses, different types of so called white-collar criminality or other cases of a brute-force robbery, so they have both steps and measures to live with the fact the levels of protection are balanced with losses they observe.

Ultimate protection does not mean a golden bullet or a sure option. It has to have balanced a costs/benefits ratio. Protecting ad-infinitum accrues CAPEX/OPEX costs that even a Cold War MIL-STD crypto systems have to fix federal  budgeting resources for some 50+ years to cover and survive with.

Answered on May 11, 2016.
Add Comment

Your Answer

By posting your answer, you agree to the Terms & Privacy policy.