The problem is Quantum Computers. They might break my security and I wouldn't want that. [NB The utility of this is restricted to *symmetric* crypto. I cannot help with the threat to asymmetric crypto systems.]

What Quantum Computers do (in effect) is to carry out a particular calculation for all possible input values - at the same time. Think of it as the ultimate parallel computer carrying out all those pesky brute force attempts at once. It would make conventional encryption useless. Unless there was a chink in the Quantum Computer's armour. And there is.

The output of a Quantum Computer is a wave function, which is a superposition of all solutions of the problem. When you attempt to read it (by collapsing the wave function), just one of these appears. You have no choice which one, the selection is absolutely random. Not only that, you cannot duplicate the wave function. If you want another answer, you have to recalculate the whole thing over from scratch. If that wasn't enough, there's no way to tell how many solutions are superimposed in a given wave function, even if you are willing to sacrifice it.

The idea is this: arrange the mathematics of the encryption so that there are an infeasibly large number of solutions to a brute force decryption. This is acheived by using only part of each cypher block for data, the rest is filled with entropy, AKA salt (e.g. from /dev/random). For a 256bit cypher block, 128bits of data may combined with 128bits of entropy. This would give the QC a large number of solutions within the wave function (it should be at least 2^64), forcing the use of a great deal of time on the QC for each message.

The price you pay is a doubling of both encryption time and storage space.

To prevent the QC from exploiting relationships between consecutive cypher blocks, CBC and other block chaining methods should not be used. Further, the message should be compressed and entropy-padded to the next encryption boundary before encryption.

If you're thinking of using this in an application such as pgp or IPSEC, don't bother. The asymmetric keys will be attacked and broken long before conventional AES256. If you're thinking of encrypted disk partitions or encrypted swap space, then it could be of value.

NB The 2^64 figure above is a guess, which should be grossly conservative. The actual math is beyond me, so have this checked by a good mathematician with experience in Applied QM before rolling this out for serious applications. It should be safe, but unless you do the math (particularly with QM), you never *really* know.

What do you think of this idea or comment?
(You can change your vote at any time)

I agree

No opinion

I disagree