• "But conventional security is not enough. The complexity of today's operational environment means organisations must embrace a level of business resilience that is normally associated with the protection of critical national infrastructure."

    Detica, a BAE Systems Company

  • "The future ability of quantum computers might be a decade or two away, their future ability to break public-key cryptography has important implications for the encryption of highly sensitive information today. For these applications, we must already design new public-key cryptosystems and one-way functions that are immune to quantum cryptanalysis."

    ARDA, Report of the Quantum Information Science and Technology Experts Panel, 2004

  • “The time needed to factor an RSA integer is the same order as the time needed to use that same integer as modulus for a single RSA encryption.   In other words, it takes no more time to break RSA on a quantum computer (up to a multiplicative constant) than to use it legitimately on a classical computer.”

    Professor Gilles Brassard,  "Quantum Information Processing: The Good, the Bad and the Ugly", 1997

  • “When will we be secure? Nobody knows for sure – but it cannot happen before commercial security products and services possess not only enough functionality to satisfy customers’ stated needs, but also sufficient assurance of quality, reliability, safety, and appropriateness for use. Such assurances are lacking in most of today’s commercial security products and services.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", 2005

  • "Even a relatively small quantum computer, one that had a few tens of thousands of qubits, could consider so many different values at once that it would be able to break all known [ed: RSA, D&H, ECC, AES-128] codes commonly used for secure Internet communication.”

    Prof Seth Lloyd of MIT, MIT Review 2008

  • "Some physicists predicted that within the next 10 to 20 years quantum computers will be built that are sufficiently powerful to implement Shor’s ideas and to break all existing public key schemes. Thus we need to look ahead to a future of quantum computers, and we need to prepare the cryptographic world for that future.

    Prof Seth Lloyd of MIT, MIT Review 2008

  • “The current way which organisations approach security can be recognised as an underlying market failure which consists of fire fighting security problems, silo'd implementation of technologies, uncontrolled application development practices and a failure to address systemic problems. Organisations tend to deal with one problem at a time that results in the deployment of point solutions to treat singular problems. This failure is typical of an uncontrolled marketplace evolving with little or no co-ordination.

    The British Government’s Technology Strategy Board, 2008
  • “Briefly and simply, assurance work makes a user or a creditor more confident that the system works as intended without flaws, without surprises, even in the presence of malice.” … “The major shortfall is absence of assurance or safety mechanisms in software.  If my car crashed as often as my computer does, I’d be dead by now.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008

  • “Given today’s common hardware and software architectural paradigms, operating systems security is a major primitive for secure systems – you will not succeed without it. This area is so important that it needs all the emphasis it can get. It is the current ‘black hole’ of security.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

  • “The more complex the threats become, the more you have to do the basics and groundwork really well. Staying aware and on top of new vulnerabilities and ensuring that patches and software updates are rapidly implemented is crucial.”

    Jeff Shipley, Cisco Intelligence Collection Manager, Cisco 2008 Annual Security Report

  • "First and foremost, there is no proper excuse for continued use of a broken cryptographic primitive (MD5) when sufficiently strong alternatives are readily available, for example SHA-2. Secondly, there is no substitute for security awareness." ... "Advice from experts should be taken seriously and early in the process. In this case, MD5 should have been phased out soon after 2004."

    Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Wegerr, "MD5 considered harmful today - Creating a rogue CA certificate", December 2008
  • "Given their power to intercept and disrupt secret communications, it is not surprising that quantum computers have the attention of various U.S. government agencies.  The National Security Agency, which supports research in quantum computing, candidly declares that given its interest in keeping U.S. government communications secure, it is loath to see quantum computers built. On the other hand, if they can be built, then it wants to have the first one.”

    Prof Seth Lloyd of MIT, MIT Review 2008

  • The software security industry today is at about the same stage as the auto industry was in 1930" ... "it looks fast, goes nice but in an accident you die.” ... "The major shortfall is absence of assurance (or safety) mechanisms in software. If my car crashed as often as my computer does, I would be dead by now."

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

  • “It's not good enough to have a system where everyone (using the system) must be trusted, it must also be made robust against insiders!”

    Robert Morris, former Chief Scientist of the US National Security Agency (NSA), National Computer Security Center, "Crypto '95 invited talks by R. Morris and A. Shamir", 1995

Resources Expert Opinions Quantum computing

Quantum computing

This section quotes leading cryptographic and quantum computing experts on the timing, capabilities and impact of quantum computers on global security systems. These quotes are often longer and more detailed than the quotes that cycle on the right hand side of each page.

Title Filter     Display # 
# Article Title
1 quote: Johannes Buchmann, Jintai Ding, Building quantum computers since 1996
2 quote: Seth Lloyd, Building quantum computers since 1996
3 quote: ARDA, New concepts for QC appear almost weakly
4 quote: ARDA, Quantum computers is a rapidly evolving field
5 quote: ECRYPT, Breakthrough in quantum computation would spell doom
6 quote: Prof. Johannes Buchmann, Good chance large quantum computers in 20 years... This would be a nightmare for IT security if...
7 quote: Brian Snow, Public key crypto would essentially be flat-lined by quantum computing
8 quote: ECRYPT, 30 to 50 year security should take quantum computers into consideration
9 quote: ECRYPT, Recommendations made today should be assigned a rather small confidence level
10 quote: Seth Lloyd, Even a relatively small quantum computer could break all known codes
11 quote: Seth Lloyd, Given their power to intercept and disrupt
12 quote: Gilles Brasssard, Takes no more time to break RSA than to run it
13 quote: Brian Snow, Quantum computers flat-line RSA, D&H, and ...
14 quote: ARDA, Code breaking quantum computers may be a decade or two away
15 quote: SecurIST, We need to be prepared for large quantum computers
This website uses cookies to manage authentication, navigation, and to provide you with a better and more personal service. By continuing to use this website, you are consenting to this use. Find out more here.
Synaptic Laboratories Limited: Technologies For A Safe and Secure High Performance Computing and Communications Ecosystem.


Related Items