
The RSA-2048 key is currently the highest level of encryption. The researcher Ed Gerck, Ph.D., a physicist and mathematician, now claims to have cracked it using a quantum computer. If all of this were true, all companies would have to put the topic of post-quantum cryptography – i.e. quantum-secure encryption – at the top of their to-do list.
The news that researcher Ed Gerck claims to have cracked the RSA-2048 key is currently stirring up a lot of dust. He also claims to have achieved this with a commercial mobile phone or Linux desktop. Ultimately, this would mean that in the future much of the encryption protecting access and passwords would be anything but secure. Gerck, a researcher and founder of Planalto Research, a self-described research institution, claims to have undermined the most secure version of the RSA security protocol. Ed Gerck is no stranger: he has been working in the field of encryption his whole life. At least that's what his own CV shows.
Researchers skeptical: RSA-2048 key cracked
Gerck has announced his success on various portals, such as LinkedIn. He himself writes in somewhat philosophical tones: "Today we were able to announce it. Quantum computing (QC) has become a reality. We have cracked the RSA-2048 key. Ron Rivest is a good friend, but this was necessary to make progress." For context, Ron Rivest is a cryptologist who developed RSA encryption.
Gerck continues: "The version of QC (quantum computing) used here has simultaneous multi-state logic (along the lines of 'all states at once'), with more than a googol of possible states. We show that the equivalence of QC techniques (with IBM, Google and others compared to our version of QC) has been hidden for about 2,500 years - since Pythagoras. All of our QC calculations were performed in a commercial mobile phone or a commercial Linux desktop, as our QC devices opened the user market to many industries. No cryogenics or special materials were used."
However, many comments on his announcement are very cautious and are waiting for the published scientific work. He is currently distributing it only individually, upon request. The general public, however, will not be able to make much of such a publication anyway.
Post-quantum cryptography – otherwise all passwords will become insecure
Researcher Gerck concludes: "A post-quantum, HIPAA-compliant, end-to-end, patent-free, export-free and secure online solution is being developed based on ZSentry, as used from 2004 to 2014 to replace RSA. A quantum-resistant algorithm is needed because all existing public key encryptions can be cracked. The US NIST must mark RSA as obsolete today! Otherwise SNDL will continue."
SNDL stands for "store-now-decrypt-later". Apparently, cyber criminals are already collecting highly encrypted password files in order to decrypt them later with the right computing power. Google is already using a quantum-safe encryption method (post-quantum cryptography) in its latest version of the Chrome browser. The quantum-safe key encapsulation method in the Chrome browser protects the exchange of symmetric keys when establishing secure TLS connections.
Other companies that are currently investing in their security infrastructure should act with similar foresight. They should make sure that these technologies are crypto-agile. Crypto-agility allows a cyber security system to switch quickly to an alternative, new crypto system without significant changes to the IT system or the cyber security system itself (system architectures, protocols, etc.).
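A minimal sketch of what crypto-agility means in code, added here as an illustration and not taken from the article or from any product it mentions: every protected record carries an algorithm identifier, and a local policy decides which algorithm is used for new data and which are still accepted. Two HMAC variants from the Python standard library stand in for the "old" and "new" crypto systems; the class name, method names and algorithm ids are hypothetical.

```python
import hashlib
import hmac

# Registry: algorithm id -> MAC function. Adding a scheme is one entry here.
ALGORITHMS = {
    "hmac-sha256": lambda key, msg: hmac.new(key, msg, hashlib.sha256).digest(),
    "hmac-sha3-256": lambda key, msg: hmac.new(key, msg, hashlib.sha3_256).digest(),
}


class AgileMac:
    """Tags records with the current algorithm; verifies only allowed ones."""

    def __init__(self, key, current, accepted=()):
        self.accepted = set(accepted) | {current}
        if not self.accepted.issubset(ALGORITHMS):
            raise ValueError("unknown algorithm id in policy")
        self.key = key
        self.current = current

    def protect(self, msg):
        tag = ALGORITHMS[self.current](self.key, msg)
        # The algorithm id travels with the data so old records stay readable.
        return f"{self.current}${tag.hex()}"

    def verify(self, msg, token):
        alg, _, tag_hex = token.partition("$")
        # The id inside the token is untrusted input: the local policy decides,
        # which blocks a downgrade to an algorithm that has been retired.
        if alg not in self.accepted:
            return False
        try:
            tag = bytes.fromhex(tag_hex)
        except ValueError:
            return False
        return hmac.compare_digest(tag, ALGORITHMS[alg](self.key, msg))

    def migrate(self, msg, token):
        """Re-protect a still-valid record under the current algorithm."""
        if not self.verify(msg, token):
            raise ValueError("refusing to migrate an invalid record")
        return self.protect(msg)
```

Switching algorithms is then a policy change in three phases (old only, new with old still accepted, new only), with no change to the record format or to the calling code.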