“When will we be secure? Nobody knows for sure – but it cannot happen before commercial security products and services possess not only enough functionality to satisfy customers’ stated needs, but also sufficient assurance of quality, reliability, safety, and appropriateness for use. Such assurances are lacking in most of today’s commercial security products and services.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", 2005

“The time needed to factor an RSA integer is the same order as the time needed to use that same integer as modulus for a single RSA encryption.   In other words, it takes no more time to break RSA on a quantum computer (up to a multiplicative constant) than to use it legitimately on a classical computer.”

Professor Gilles Brassard,  "Quantum Information Processing: The Good, the Bad and the Ugly", 1997

“Never underestimate the attention, risk, money and time that an opponent will put into reading traffic.”

Robert Morris, former Chief Scientist of the US National Security Agency (NSA), National Computer Security Center, "Crypto '95 invited talks by R. Morris and A. Shamir", 1995

"Unfortunately, the security issues of a technology near the end of its lifetime are typically overlooked.  The best known example is that of cryptographic keys and algorithms which may need to offer in some cases security for 50 to 100 years."

“New concepts for quantum computer implementations, algorithms, and advances in the theoretical understanding of the physics requirements for quantum computers appear almost weekly in the scientific literature.”

ARDA, Report of the Quantum Information Science and Technology Experts Panel

“The more complex the threats become, the more you have to do the basics and groundwork really well. Staying aware and on top of new vulnerabilities and ensuring that patches and software updates are rapidly implemented is crucial.”

Jeff Shipley, Cisco Intelligence Collection Manager, Cisco 2008 Annual Security Report

“The rapidly evolving field of quantum computers is one of the most active research areas of modern science, attracting substantial funding that supports research groups at internationally leading academic institutions, national laboratories, and major industrial-research centers.”

ARDA, Report of the Quantum Information Science and Technology Experts Panel, 2004

"There is a good chance that large quantum computers can be built within the next 20 years.  This would be a nightmare for IT security if there are no fully developed, implemented, and standardized post-quantum signature schemes."

Prof. Johannes Buchmann, et al, “Post-Quantum Signatures”, Oct 2004, Technische Universität Darmstadt

“Systems built without requirements cannot fail; They merely offer surprises. Usually unpleasant!

Robert Morris, former Chief Scientist of the US National Security Agency (NSA), National Computer Security Center, 1995

"Given their power to intercept and disrupt secret communications, it is not surprising that quantum computers have the attention of various U.S. government agencies.  The National Security Agency, which supports research in quantum computing, candidly declares that given its interest in keeping U.S. government communications secure, it is loath to see quantum computers built. On the other hand, if they can be built, then it wants to have the first one.”

Prof Seth Lloyd of MIT, MIT Review 2008

“Given today’s common hardware and software architectural paradigms, operating systems security is a major primitive for secure systems – you will not succeed without it. This area is so important that it needs all the emphasis it can get. It is the current ‘black hole’ of security.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

“Assurance is best addressed during the initial design and engineering of security systems, NOT as an after market patch. The earlier you include a security architect in your design process, the greater the likely hood of a successful and robust design. As the quip goes, he who gets to the (module) interface first wins.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008

"Security and dependability issues typically go along with the life cycle of a technology.  The trend to first deploy a technology and later fix its problems – typically driven by economic motives – is gradually making way for security by design, resulting in improved security at the beginning of the life cycle."

Florence Luy asks the question: "Is the writing on the wall for 1024-bit (RSA) encryption?"
Dutch mathematician Hendrik Willem Lenstra: "The answer to that question is an unqualified yes."

Florence Luy, Hendrik Lenstra, “A mighty number falls”, 21 May 2007, École Polytechnicque Fédérale de Lausanne

"My colleagues at MIT and I have been building simple quantum computers and executing quantum algorithms since 1996, as have other scientists around the world. Quantum computers work as promised. If they can be scaled up, to thousands or tens of thousands of qubits from their current size of a dozen or so, watch out!”

Prof Seth Lloyd of MIT, MIT Review 2008

“a significant breakthrough in quantum computation would spell doom for all these systems (ECC-192 or RSA-2048).”

European Network of Excellence for Cryptography, "D.AZTEC.2 Alternatives to RSA", July 2005

“Briefly and simply, assurance work makes a user or a creditor more confident that the system works as intended without flaws, without surprises, even in the presence of malice.” … “The major shortfall is absence of assurance or safety mechanisms in software.  If my car crashed as often as my computer does, I’d be dead by now.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008

"In the medium term, we need to be prepared for the eventuality that large quantum computers could be built: this would require an upgrade of most symmetric cryptographic algorithms and a completely new generation of public-key algorithms."

SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007