RSA with a 2048-bit key is currently considered the highest level of encryption. The researcher Ed Gerck, Ph.D., a physicist and mathematician, now claims to have cracked it using a quantum computer. If this were true, every company would have to put post-quantum cryptography – i.e. quantum-secure encryption – at the top of its to-do list.
The news that researcher Ed Gerck claims to have cracked the RSA-2048 key is currently causing quite a stir. He also claims to have achieved this with a commercial mobile phone or Linux desktop. Ultimately, this would mean that much of the encryption protecting access and passwords would in future be anything but secure. Gerck, a researcher and founder of Planalto Research, a self-described research institution, claims to have undermined the most secure version of the RSA security protocol. Ed Gerck is no newcomer: he has been working in the field of encryption his whole life. At least that is what his own CV shows.
Researchers skeptical: RSA-2048 key cracked
Gerck has announced his success on various portals, including LinkedIn. He writes in somewhat philosophical tones: “Today we were able to announce it. Quantum computing (QC) has become a reality. We cracked the RSA-2048 key. Ron Rivest is a good friend, but this was necessary to move forward.” For context: Ron Rivest is a cryptologist who developed RSA encryption.
Gerck continues: “The QC version used here (editor's note: quantum computing) has simultaneous logic with multiple states (according to the motto ‘all states at once’), with more than one googol of possible states. We show that the equivalence of QC techniques (with IBM, Google and others compared to our version of QC) has been hidden for about 2,500 years - since Pythagoras. All of our QC calculations were performed in a commercial mobile phone or a commercial Linux desktop, as our QC devices opened the user market to many industries. No cryogenics or special materials were used.”
However, many comments on his announcement are very cautious, and commenters are waiting for the published scientific work. He is currently distributing it only individually, upon request. The general public, however, will not be able to glean much from such a publication anyway.
Post-quantum cryptography – otherwise all passwords will become insecure
Gerck offers one final statement: “A post-quantum, HIPAA-compliant, end-to-end, patent-free, export-free and secure online solution is being developed, based on ZSentry as it was used from 2004 to 2014, to replace RSA. You need a quantum-resistant algorithm because all existing public key encryption can be cracked. The US NIST must mark RSA as deprecated today! Otherwise, SNDL will continue.”
SNDL stands for “store now, decrypt later”. Apparently cybercriminals are already collecting strongly encrypted password files so that they can decrypt them later, once the necessary computing power is available. Google is already using a quantum-safe encryption process (post-quantum cryptography) in the latest version of its Chrome browser. The quantum-safe key encapsulation process in the Chrome browser protects the exchange of symmetric keys when establishing secure TLS connections.
Other companies that are currently investing in their security infrastructure should act with similar foresight. They should make sure that these technologies are crypto-agile. Crypto-agility allows a cyber security system to switch quickly to an alternative, new crypto system without significant changes to the IT system or the cyber security system itself (system architectures, protocols, etc.).
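
The crypto-agility described above, sketched as an added example (not code from this article or from any vendor it mentions): protected data carries an algorithm id, and a central policy decides which id is used for new data and which ids are still accepted. The ids, `CryptoPolicy`, `protect`, `verify` and `needs_migration` are hypothetical names, and the two HMAC variants are stand-ins for an old and a replacement scheme, because the Python standard library contains no post-quantum algorithms.

```python
import hashlib
import hmac

# Registry: algorithm id -> implementation. The two HMAC variants are stand-ins
# (assumption) for an old scheme and the quantum-safe scheme that replaces it.
ALGORITHMS = {
    "alg-v1": hashlib.sha256,
    "alg-v2": hashlib.sha3_256,
}


def _tag(alg_id, key, message):
    # The algorithm id is authenticated too, so it cannot be swapped silently.
    return hmac.new(key, alg_id.encode() + b"." + message, ALGORITHMS[alg_id]).digest()


class CryptoPolicy:
    """Central policy: the only place that names concrete algorithms."""

    def __init__(self, current, accepted=()):
        self.current = current                      # used for all new data
        self.accepted = set(accepted) | {current}   # still verifiable
        if not self.accepted <= set(ALGORITHMS):
            raise ValueError("policy references an unknown algorithm")


def protect(policy, key, message):
    """Return 'alg_id.hex_tag.hex_message'; callers never pick the algorithm."""
    tag = _tag(policy.current, key, message)
    return f"{policy.current}.{tag.hex()}.{message.hex()}"


def verify(policy, key, token):
    """Return the message if the token is valid under the policy, else None."""
    try:
        alg_id, tag_hex, msg_hex = token.split(".")
        tag, message = bytes.fromhex(tag_hex), bytes.fromhex(msg_hex)
    except ValueError:
        return None                                 # malformed token
    if alg_id not in policy.accepted:               # retired or unknown id:
        return None                                 # refuse, never fall back
    return message if hmac.compare_digest(tag, _tag(alg_id, key, message)) else None


def needs_migration(policy, token):
    """True if the token was produced with a non-current algorithm."""
    return token.split(".", 1)[0] != policy.current
```

Switching schemes is then a change to a single `CryptoPolicy` definition, and `needs_migration` identifies stored data to re-protect before the old id is dropped from `accepted`.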