[Cfrg] naive question: QC vs RC vs Moore-blip

Dan Brown <danibrown@blackberry.com> Mon, 08 May 2017 15:31 UTC

Return-Path: <danibrown@blackberry.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 122951294B3 for <cfrg@ietfa.amsl.com>; Mon, 8 May 2017 08:31:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.098
X-Spam-Level:
X-Spam-Status: No, score=0.098 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SN9soBNRe3Ql for <cfrg@ietfa.amsl.com>; Mon, 8 May 2017 08:31:06 -0700 (PDT)
Received: from smtp-p01.blackberry.com (smtp-p01.blackberry.com [208.65.78.88]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E6901294C8 for <cfrg@irtf.org>; Mon, 8 May 2017 08:31:06 -0700 (PDT)
Received: from xct104cnc.rim.net ([10.65.161.204]) by mhs210cnc.rim.net with ESMTP/TLS/DHE-RSA-AES256-SHA; 08 May 2017 11:31:05 -0400
Received: from XMB116CNC.rim.net ([fe80::45d:f4fe:6277:5d1b]) by XCT104CNC.rim.net ([::1]) with mapi id 14.03.0319.002; Mon, 8 May 2017 11:31:04 -0400
From: Dan Brown <danibrown@blackberry.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>
Thread-Topic: naive question: QC vs RC vs Moore-blip
Thread-Index: AdLIDxLailn8AM7oS6K3HHWy2z/Eag==
Date: Mon, 08 May 2017 15:31:03 +0000
Message-ID: <810C31990B57ED40B2062BA10D43FBF501B13ECA@XMB116CNC.rim.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.65.160.249]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/1Q6d6RfM2b0IS9xs-uYd2_bCsT4>
Subject: [Cfrg] naive question: QC vs RC vs Moore-blip
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 May 2017 15:31:08 -0000

Dear CFRG,

Please forgive my naivety on the matters below.
 
If quantum computers are realistic enough to warrant standards changes (now or soon), then what about other hypothetical computers, such as:

(1) computers that can do super high-precision, as in the "real computation" model (or whatever variant of this model that can implement Shamir's algorithm to factor using super-large integers in a polynomial (even linear?) number of integer arithmetic steps),

(2) sudden (single) blips exceeding the usual Moore's law (and variants) for future computing power (e.g. are sudden and new 100x faster transistor material, superconductors, photonics, less realistic than quantum computers)?

I don't know the established answers, but would speculate:

(a) quantum computers are deemed more realistic than each of (1) and (2),

(b) model (1) is known [?] to affect all algorithms equally, so we must just give up on it,

(c) most justifications for 128-bit security already include a margin of error for risk (2),

(d) 256-bit security (and variants) are meant to deal with (2).

Are these the established answers, or is there better answers? 

As a research issue, I'd like to know more about (b), if it is correct.

I'd like to know more about (a), the why of it, but am unlikely to understand.

Best regards,

Dan Brown