The idea of "appear to be resistant to attack" is an empirical one. When someone... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

doomrobo on April 11, 2024 | parent | context | favorite | on: Quantum Algorithms for Lattice Problems

The idea of "appear to be resistant to attack" is an empirical one. When someone says that, they are saying that we simply have not found a good attack against this problem. That can change any day, in principle. Unfortunately, "we don't know of an attack" is about as strong a statement you can make in cryptography, when talking about a fundamental hardness assumption. More verbosely, you'd say "the best known attacks take 2^whatever operations on a computer (classical or quantum), and that's expensive, so we're probably fine unless someone makes a significant leap tomorrow"

adgjlsfhk1 on April 11, 2024 [–]

imo, this isn't quite true. there are a lot of areas where we can say "this looks sufficiently secure for now, but given the rate of advancement in this area in the last decade, we expect it will probably lose a few bits of security in the next decade"

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact