The term “Post-Quantum Cryptography” is increasingly being used to describe the growing body of work on classical encryption systems which appear to be unbreakable (in polynomial time) by quantum (or classical) computers. A google search of this term already yields thousands of hits. In particular, note that “PQCrypto” conferences were held in 2006, 2008, and a third one is scheduled on May 25-28, 2010. Also, a compendium of articles in book form, entitled “Post-Quantum Cryptography” (Springer, 2009), edited by Bernstein, Buchmann, and Dahmen, has already been published.
The existence of PQ encryption systems makes quantum cryptography, and a quantum internet, OBSOLETE technologies.
My previous posts on quantum cryptography
In support of the above contentions, let me quote the prophet Elijah. Scott Aaronson hath saith here, verily, verily
———————————-
Scott Says:
Comment #15 June 7th, 2010 at 5:01 am
Evan: Look into lattice-based crypto — it really ought to be better-known among the nerd public than it is! Admittedly, lattice-based schemes are still less practical than RSA in terms of the key sizes and ciphertext sizes, but they’ve improved a great deal on those counts within the last decade. Plus, they enable amazing tasks like fully homomorphic encryption that we don’t know how to achieve with RSA-like systems.
And yes, my guess is that, if they had sufficient motivation, the cryptographers could make lattice-based schemes competitive enough to supplant RSA for many or most applications.
(And no, we don’t know how to break lattice-based cryptography with a quantum computer, despite almost a decade of serious attempts. Part of the explanation is that, while factoring and discrete log reduce to an abelian Hidden Subgroup Problem, finding short lattice vectors reduces to a nonabelian HSP, which is much more complicated.)
Comment by rrtucci — June 7, 2010 @ 4:04 pm