Featured in this episode of Chaos Lever
At the annual RSA conference, Adi Shamir and Clifford Cocks participated in a panel, making the argument that defending against quantum computers breaking encryption is a bit of a wild goose chase. The simple fact is that most encrypted communications are useless dreck, and decrypting it efficiently is not even in the realm of possibility with current quantum computers.
Asked whether folks should adopt “quantum safe” cryptography to future proof communications, Anne Dames from IBM agreed that fears are over-hyped, but the longer and more secure the keys, the better. There is a real computing cost involved with using longer keys, so that should be balanced against the sensitivity of your comms.
Of much greater worry is protecting against insider threats, where all the encryption in the world won’t save you if they already have the keys to the castle. Rather than tilting at quantum windmills that may or may not be there, organizations should instead invest their time and effort into protecting against more mundane and realistic threat vectors.