• “Given today’s common hardware and software architectural paradigms, operating systems security is a major primitive for secure systems – you will not succeed without it. This area is so important that it needs all the emphasis it can get. It is the current ‘black hole’ of security.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

  • “Briefly and simply, assurance work makes a user or a creditor more confident that the system works as intended without flaws, without surprises, even in the presence of malice.” … “The major shortfall is absence of assurance or safety mechanisms in software.  If my car crashed as often as my computer does, I’d be dead by now.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008

  • "First and foremost, there is no proper excuse for continued use of a broken cryptographic primitive (MD5) when sufficiently strong alternatives are readily available, for example SHA-2. Secondly, there is no substitute for security awareness." ... "Advice from experts should be taken seriously and early in the process. In this case, MD5 should have been phased out soon after 2004."

    Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Wegerr, "MD5 considered harmful today - Creating a rogue CA certificate", December 2008
  • “Consider the use of smart cards ... for especially critical functions.  Although more costly than software, when properly implemented the assurance gain is great.  The form-factor is not as important as the existence of an isolated processor and address space for assured operations – an ‘Island of Security,’ if you will.  Such devices can communicate with each other through secure protocols and provide a web of security connecting secure nodes located across a sea of insecurity in the global net.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

  • "But conventional security is not enough. The complexity of today's operational environment means organisations must embrace a level of business resilience that is normally associated with the protection of critical national infrastructure."

    Detica, a BAE Systems Company

  • The software security industry today is at about the same stage as the auto industry was in 1930" ... "it looks fast, goes nice but in an accident you die.” ... "The major shortfall is absence of assurance (or safety) mechanisms in software. If my car crashed as often as my computer does, I would be dead by now."

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

  • "Some physicists predicted that within the next 10 to 20 years quantum computers will be built that are sufficiently powerful to implement Shor’s ideas and to break all existing public key schemes. Thus we need to look ahead to a future of quantum computers, and we need to prepare the cryptographic world for that future.

    Prof Seth Lloyd of MIT, MIT Review 2008

  • "There is a good chance that large quantum computers can be built within the next 20 years.  This would be a nightmare for IT security if there are no fully developed, implemented, and standardized post-quantum signature schemes."

    Prof. Johannes Buchmann, et al, “Post-Quantum Signatures”, Oct 2004, Technische Universität Darmstadt

  • “Business now relies on information infrastructures that are interlinked and interdependent… The way in which these hidden interdependencies pervade our everyday lives is staggering and, in some cases, may go unchecked for many years until an incident occurs that revels the true nature of the interdependences' impact.”

    The British Government’s Technology Strategy Board, 2008
  • “The time needed to factor an RSA integer is the same order as the time needed to use that same integer as modulus for a single RSA encryption.   In other words, it takes no more time to break RSA on a quantum computer (up to a multiplicative constant) than to use it legitimately on a classical computer.”

    Professor Gilles Brassard,  "Quantum Information Processing: The Good, the Bad and the Ugly", 1997

  • Build-in Security: Ensure that security is considered and built into the design of new infrastructure, so that our critical assets are protected from the start and more resilient to naturally-occurring and deliberate threats throughout their life-cycle."

    Obama-Biden Plan, Agenda: Homeland Security, December 2008

Resources Expert Opinions Quantum computing

Quantum computing

This section quotes leading cryptographic and quantum computing experts on the timing, capabilities and impact of quantum computers on global security systems. These quotes are often longer and more detailed than the quotes that cycle on the right hand side of each page.

Title Filter     Display # 
# Article Title
1 quote: Johannes Buchmann, Jintai Ding, Building quantum computers since 1996
2 quote: Seth Lloyd, Building quantum computers since 1996
3 quote: ARDA, New concepts for QC appear almost weakly
4 quote: ARDA, Quantum computers is a rapidly evolving field
5 quote: ECRYPT, Breakthrough in quantum computation would spell doom
6 quote: Prof. Johannes Buchmann, Good chance large quantum computers in 20 years... This would be a nightmare for IT security if...
7 quote: Brian Snow, Public key crypto would essentially be flat-lined by quantum computing
8 quote: ECRYPT, 30 to 50 year security should take quantum computers into consideration
9 quote: ECRYPT, Recommendations made today should be assigned a rather small confidence level
10 quote: Seth Lloyd, Even a relatively small quantum computer could break all known codes
11 quote: Seth Lloyd, Given their power to intercept and disrupt
12 quote: Gilles Brasssard, Takes no more time to break RSA than to run it
13 quote: Brian Snow, Quantum computers flat-line RSA, D&H, and ...
14 quote: ARDA, Code breaking quantum computers may be a decade or two away
15 quote: SecurIST, We need to be prepared for large quantum computers
 
This website uses cookies to manage authentication, navigation, and to provide you with a better and more personal service. By continuing to use this website, you are consenting to this use. Find out more here.
Synaptic Laboratories Limited: Technologies For A Safe and Secure High Performance Computing and Communications Ecosystem.

 

Related Items