Standard notes' future proofness: Store now, decrypt later & quantum computers
Standard notes' future proofness: Store now, decrypt later & quantum computers
After seeing the video of veritasium on these topics, I wondered how standard notes was prepared for these innovations. - how is store now, decrypt later hindered (if that's possible) - is the current encryption algorithm resilient against quantum computing etc.
Does somebody have some expertise on this? It would also be great of standard notes themself put a blog post or video out on that topic.
The "store now, decrypt later" is an issue with public key cryptography- which is most internet traffic. Symmetric encryption isn't really messed up by quantum computing even in theory- your 256 bit thing might become effectively a 128 bit thing, but that's still incredibly impossible to worry about (there's some general purpose algorithm that requires a quantum computer that would generally halve the key size I think).
What is likely threatened by quantum computing are public key algorithms that work on the idea of one way being easy, and another way being hard. Like factoring- multiplication of huge numbers is fast, factoring them is not. Shor's algorithm is the famous one to be able to do this fast enough given a good quantum computer. But a lot of these allegedly one-way functions would be varying degrees of screwed up in the so-called 'post-quantum world'.
In a normal SSL connection, you use public key cryptography to exchange a symmetric key, then you use that. So if you were to record an entire SSL connection and then in the future be given a big quantum computer, you could in theory work it all out- first by undoing the public key initial piece, and then by reading the symmetric key directly, at which point you would be able to decrypt the remainder normally.
From my understanding, standard notes wouldn't actually be subject to this, as it never transmits your actual key- you encrypt it with your real key locally, and then it gets sent as TLS stuff. So while the public key could be discovered, and the private key for the TLS session, the actual payload data would be encrypted with a key derived from your password that is never transmitted.
Now, if it does actually transmit that key at some point, then all bets are off. But it couldn't really be secure if it transmitted your key anyway right? So it probably doesn't do that.
Security depends upon who the threat agent is that you are trying to protect against. A common person, an experienced expert/criminal hacker or a nation/state. Given that in theory any nation/state has "potentially unlimited" resources, to the point of there being at least one known case of a cyberattack on an air-gap computer, I would say all bets are off if you are doing something shady enough to attract the attention of the government of a powerful nation such as the USA or UK and be viewed as a potential threat to national security. Beyond that, I'd say within reason most encryption accomplishes its job by at the very least slowing the person down big time and requiring more resources to extract the data than the data is worth.
I'm way late to this conversation, decided to poke my head in this community and see what was going on.
The answer is yes, standard notes is resistant to this form of attack because it uses symmetric encryption. Quantum computing has the potential to disrupt asymmetric encryption not symmetric encryption.