News: 0175285749

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Debunking Hype: China Hasn't Broken Military Encryption with Quantum (forbes.com)

(Saturday October 19, 2024 @05:34PM (EditorDavid) from the quantum-leaps dept.)


An anonymous reader shared [1]this report from Forbes :

> Recent headlines have proclaimed that Chinese scientists have hacked "military-grade encryption" using quantum computers, sparking concern and speculation about the future of cybersecurity. The claims, largely stemming from a recent [2] South China Morning Post article about a Chinese academic paper published in May, was picked up by many more serious publications.

>

> However, a closer examination reveals that while Chinese researchers have made incremental advances in quantum computing, the news reports are a huge overstatement. "Factoring a 50-bit number using a hybrid quantum-classical approach is a far cry from breaking 'military-grade encryption'," said Dr. Erik Garcell, Head of Technical Marketing at Classiq, a quantum algorithm design company. While advancements have indeed been made, the progress represents incremental steps rather than a paradigm-shifting breakthrough that renders current cryptographic systems obsolete. "This kind of overstatement does more harm than good," Dr. Garcell said. "Misrepresenting current capabilities as 'breaking military-grade encryption' is not just inaccurate — it's potentially damaging to the field's credibility...."

>

> In fact, the Chinese paper in question, titled Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage, does not mention military-grade encryption, which typically involves algorithms like the Advanced Encryption Standard (AES). Instead, the paper is about attacking RSA encryption (RSA stands for Rivest-Shamir-Adleman, named after its creators)... While factoring a 50-bit integer is an impressive technical achievement, it's important to note that RSA encryption commonly uses key sizes of 2048 bits or higher. The difficulty of factoring increases exponentially with the size of the number, meaning that the gap between 50-bit and 2048-bit integers is astronomically large.

>

> Moreover, the methods used involve a hybrid approach that combines quantum annealing with classical computation. This means that the quantum annealer handles part of the problem, but significant processing is still performed by classical algorithms. The advances do not equate to a scalable method for breaking RSA encryption as it is used in practical applications today.

Duncan Jones, Head of Cybersecurity at Quantinuum, tells Forbes that if China had actually broken AES — they'd be keeping it secret (rather than publicizing it in newspapers).



[1] https://www.forbes.com/sites/craigsmith/2024/10/16/department-of-anti-hype-no-china-hasnt-broken-military-encryption-with-quantum-computers/

[2] https://www.scmp.com/news/china/science/article/3282051/chinese-scientists-hack-military-grade-encryption-quantum-computer-paper



Duh (Score:3)

by gweihir ( 88907 )

I said pretty much the same thing a few days ago. Because it was frigging _obvious_.

Re: (Score:2)

by ArmoredDragon ( 3450605 )

First I've heard of this at all, but the first thought in my mind while reading it was "50-bits of ... symmetric? assymetric? if the latter, ecc, rsa?"

I'm not even an expert at cryptography or anything remotely approaching it, so if I'm asking that, then why aren't journalists? At least Forbes had the sense to ask somebody who is an expert in this case.

Need a tag +IN_10_YEARS+ (Score:2)

by will4 ( 7250692 )

News media stylebooks should require an "+IN_TEN_YEARS+" tag to these stories because they are always going to promise the solution will be cheap, available, helping citizens everywhere, cooling the planet just enough, feeding marginalized women and children, proving ever cleaner water, sending every child to college, and curing cancer in ten years.

Re: (Score:2)

by 93 Escort Wagon ( 326346 )

Guess you should've submitted your comments to Forbes... might've made a few bucks!

Re: (Score:3)

by fluffernutter ( 1411889 )

It's also obvious that current LLM AI will never have reasoning and camera-based self driving will never work, but look at all the hype over those.

I knew this was bullshit (Score:4, Insightful)

by paul_engr ( 6280294 )

If they broke AES, they either would A. Not say shit and save it for something big or more likely B. We'd wake up to a broken internet because the attack had been deployed at scale to wreck the internet. A and B are two points on one timeline.

Re: (Score:2)

by 93 Escort Wagon ( 326346 )

What's AES got to do with the internet?

Re: (Score:1)

by JBeretta ( 7487512 )

> What's AES got to do with the internet?

Really?

AES encryption is commonly used in a lot of ways, including wireless security, processor security, file encryption, and SSL/TLS.

Re: (Score:2)

by 93 Escort Wagon ( 326346 )

Obviously I'm missing something. The asymmetric encryption used for SSL/TLS is not AES, right? It seems like if you haven't broken that, then you wouldn't be able to grab the symmetric encryption key, so you'd have to just keep brute-forcing all of the (post handshake) traffic... which seems impractical for general use.

Re: (Score:2)

by bjoast ( 1310293 )

Oh, only everything.

"Here's your winnings, sir!" (Score:3)

by Tablizer ( 95088 )

It's only a rumor that the Military Industrial Complex spreads rumors about enemy super-weapons when they crave cash.

Re: (Score:3)

by RossCWilliams ( 5513152 )

Actually its the media that spreads rumors like this because they make better clickbait. As a local politician once said "rumor has it" and someone asked where he heard that rumor the said "I just started it." It was an interesting rumor and widely reported and, not coincidentally, served the interests of the local politician and the people who spread it including the people in the room where the rumor started.

and off topic. It will no doubt be used to train AI. I have wondered how "intelligence" can be t

Re: (Score:1)

by Tablizer ( 95088 )

> As a local politician once said "rumor has it"...

Now it's, "Many people are saying..."

Re: (Score:2)

by RossCWilliams ( 5513152 )

No, that's the media's way of reporting it. "Many people are saying" sounds more authoritative than "rumor has it". It implies you have heard it from many sources making it more credible than just a rumor. Once you take all of the vaguely identified sources and unverified claims out of a news story there often isn't much left that is all that interesting.

Smells really bad in here (Score:2)

by paul_engr ( 6280294 )

50 bit! 128 bit md5 was busted 19 years ago on a pentium 4 box. Great progress! I'm not a cryptographer

I knew it was nonsense... (Score:2)

by MpVpRb ( 1423381 )

...when I saw the headline

Unfortunately, there is a LOT of nonsense floating around as wannabe influencers fish for eyeballs and clicks

SCMP is no longer a reliable source so no surprise (Score:3)

by Zontar_Thing_From_Ve ( 949321 )

For those who don't know, SCMP has been the biggest English language newspaper in Hong Kong for a long time. It was a pretty reliable source until recent changes in the law made damn near everything that doesn't kiss China's ass a crime against the state. It's just a shill for the CCP now. I don't trust them for anything. One of their main opinion writers gets paid to write a daily column on how much America sucks, how Hong Kong is freer than it ever was in the past, and all glories to the CCP, the savior of Hong Kong. So yeah, anything they post about how China did something great should be suspect.

"I changed my headlights the other day. I put in strobe lights instead! Now
when I drive at night, it looks like everyone else is standing still ..."
-- Steven Wright