remember my post about the digital raid with cellebrite and how biometrics arent secure? yeah, the government espionage rabbit hole goes way deeper.
i recently started reflecting on the quantum computer race. we keep hearing that china is gonna invade taiwan and that this will freeze the chip market. but the biggest danger isnt the commercial delay of a quantum pc. its what governments are already doing behind the scenes with the military version of this tech.
its called sndl (store now, decrypt later). and guys, this is wild. (ꐦ°᷄д°᷅)
the vacuum cleaner of submarine cables
intelligence agencies (like nsa, gchq, chinese intel) are already tapping the backbone of the internet on submarine cables. their logic is: "if we cant break this encryption today, we store the file on the server and break it in 10 or 15 years when the quantum pc is ready".
obviously they dont store the entire internet. they discard the heavy trash (ur netflix streaming, youtube, steam downloads) and filter only the gold using keywords and specific targets.
| espionage tier | what they obsessively keep |
|---|---|
| tier s (olympus) | military communications, r&d secrets (vaccines, chips) and heads of state. |
| tier a (geopolitics) | diplomatic cables, critical infrastructure (scada) and financial systems (swift). |
| tier b (underworld) | tor network nodes, corporate vpns and whale crypto movements. |
| tier c (vacuum) | handshakes from commercial vpn connections. |
the end of the handshake and the fall of rsa
remember that green lock on ur browser? it uses math (like rsa) to do a handshake with the server and agree on a secret key.
quantum computing (using some witchcraft called shors algorithm) breaks that math instantly. when they open the handshake they recorded today, they discover ur secret key. and then, the tunnel collapses.
they wont just have ur ip (which in 10 years wouldnt mean anything). theyll have the payload (raw content) in plain text:
- ur passwords and session tokens.
- ur companys confidential source code.
- ur real identity leaked in documents or purchases.
- the absolute end of ur anonymity on vpn or tor.
salvation: aes-256 and client-side encryption
calm down, not everything is lost. remember when i said in my aws s3 post that the real salvation was client-side encryption and not server encryption? the rule applies here too.
quantum math breaks the handshake (asymmetric), but it sucks against symmetric "vaults", like aes. against aes, the quantum pc is forced to use grovers algorithm, which just "cuts" the key strength in half.
- aes-128: drops to 64-bit strength (already enters the danger zone).
- aes-256: drops to 128-bit strength. this is still so absurdly huge that not even a quantum pc can brute force it. would take millennia.
if u encrypt ur data locally on ur pc using aes-256 (like i do using rclone crypt with backblaze b2, or my own wiper in c), agencies can steal ur files and throw them on a quantum pc in 30 years, they wont be able to open it.
the danger only exists if u transmit that aes key over the internet using an old handshake protocol. our only hope now is that post-quantum cryptography (pqc) gets implemented on all routers, banks and servers in the world before the first military quantum pc gets turned on.
as i always say, defending open platforms and acting with caution are the pillars for a secure digital environment. (⌐■_■)