←back to thread

Why haven't quantum computers factored 21 yet?

(algassert.com)
335 points ingve | 5 comments | 31 Aug 25 12:14 UTC | HN request time: 0.237s | source
Show context
alchemist1e9 ◴[31 Aug 25 13:33 UTC] No.45083047[source]
And these are the same quantum computers that will eventually break ecliptic curve cryptography? Now I’m very confused.
replies(7): >>45083084 #>>45083090 #>>45083099 #>>45083208 #>>45083232 #>>45083263 #>>45083447 #
1. privatelypublic ◴[31 Aug 25 13:39 UTC] No.45083084[source]
Hasn't classical already severely crippled ECC because of some mathematical Assumptions that somebody came back in 2022 and Proved were wrong?
replies(4): >>45083106 #>>45083142 #>>45083188 #>>45083869 #
2. markusde ◴[31 Aug 25 13:44 UTC] No.45083106[source]
Could you link to any more information about this?
3. kevindamm ◴[31 Aug 25 13:50 UTC] No.45083142[source]
Which assumptions? ECDLP is still considered computationally hard, and ECC considered secure. There are invalid curve attacks and small subgroup attacks but that's a problem with key selection, not a fundamental problem with ECC.

Do you have a citation?

4. bitexploder ◴[31 Aug 25 13:58 UTC] No.45083188[source]
Not in general, no. It is still secure and used. There are of course attacks but those were not completely breaking
5. cwmma ◴[31 Aug 25 15:22 UTC] No.45083869[source]
I believe you are thinking of "Supersingular isogeny Diffie–Hellman key exchange" or SIKE which is a post quantum encryption algorithm that was spectacularly broken a couple years ago. The math involves elliptical curves but it's different from the elliptical curve cryptography used in your browser.