The Quantum Debate on Privacy
Wed Aug 30 2023
A debate about quantum technology's effects on privacy. Not much is known yet;
the debate is mostly speculation.

--------------------------------------------------------------------------------

The Quantum Debate on Privacy
=============================

Published Aug 30, 2023

I attended a debate at Quantum Village. It focused on whether the privacy of
individuals will be enhanced or destroyed by quantum technologies. Neither side
had direct substance for or against the argument. The position for increased
privacy was ungrounded and dreamlike. The position for diminished privacy
focused on how the actors researching quantum technology the most are
systemically against privacy and how, by extension, the application of quantum
technology would be privacy eroding.

This talk summary is part of my DEF CON 31 series. The talks this year have
sufficient depth to be shared independently and are separated for easier
consumption.

--------------------------------------------------------------------------------

At the Quantum Village, David Joseph [L1] and Troy Mills [L2] have an Oxford
Union-style debate about whether individual citizen privacy will be enhanced
with new quantum technologies. This took place at the LINQ at 4 PM on Friday,
August 11th.

/------------------------------------------------------------------------------\
| Bob Gourley @bobgourley@twitter.com                                          |
|------------------------------------------------------------------------------|
| The first topic for our Second Annual #Quantum [L3] Village Debate: "The     |
| Quantum Village believes individual citizen privacy will be enhanced with    |
| the fielding of new quantum technologies." David Joseph will argue for the   |
| proposition Troy Mills will argue against. You will vote.                    |
| [L4] 8/11/2023                                                               |
\------------------------------------------------------------------------------/

I invited Soatok — who was in fursuit — to join me for the quantum debates. I
expected some bullsh*t and I was painfully right.

/---------------------------[cendyne: tearing-eyes]----------------------------\
\------------------------------------------------------------------------------/

The debate
----------

This was Quantum Village's second year. I remember Soatok mentioning he stumped
them last year on something. I wanted to see it happen again.

We arrive and sit down in one of the few chairs, and the debate starts between
a CEO of a security company and a researcher for quantum technology.

[I1: Sign for Quantum Village outside of the venue.]

The debate centered around one question: What effects will quantum technology
have on privacy?

It started with David. He made as much sense as some of the crypto-currency
visionaries. Every sentence and declaration he enunciated was a fabricated
dreamscape with no grounding in reality. It went like this:

> Close your eyes for a moment and think of the future.
>
> Everything about you will become a quantum state.
>
> Identity theft will be an archaic concept.
>
> Your browser history will be a quantum state so ISPs can't see inside without
> collapsing it.
>
> Money fraud will be a thing of the past

Around that point I stopped taking serious notes from this guy.

Troy comes up next and makes his argument. He argued that human nature
consistently takes creative and neat things and uses them for war. He claims a
lot of research is going towards specifically breaking RSA and Diffie-Hellman
cryptography. Then he points to the People's Republic of China and how they are
investing more than any other nation into quantum technology and that China
demonstrates it is against the privacy of individuals.
He backtracks from the future to replay Tesla's history. He describes how
Tesla, by being a "first mover," was the first successful electric vehicle
company and has captivated the market. He chills the audience by suggesting
that China will be the first mover in quantum and dominate the technology
thereafter.

The quantum researcher comes back to reply in the debate. Big names like
Copenhagen and more word salad come out of his mouth like your best friend's
belch after too much hamburger and milkshakes in the drive-thru. The same
crypto-currency startup vocabulary gets tossed in and it's all a bunch of
meaningless drivel. Honestly, ChatGPT forms sentences with more meaning than
his articulation.

He refused to name China in his reply, but at least mentioned that engineering
efforts are under way for the post-quantum future, such as the NIST
competitions and Google testing Kyber on Chrome. At the end he dismisses the
entirety of Troy's argument by saying weaponization of quantum is out of scope
for the debate.

/----------------------------[cendyne: sigh-chair]-----------------------------\
\------------------------------------------------------------------------------/

Troy returns and asserts that using quantum technology against people is in
line with the debate about how it affects privacy. I do agree with that, at
least. He relates quantum technology to a brick: it can be used to build
something neat, or be used for violence.

> Don't ignore reality. Privacy is shaped by how we use it.

As a last-minute reply, David then continues with:

> No more search history being pried upon.
>
> No more identity theft or fraud, because quantum state is uncloneable.

The mediator then opens up for audience questions. Soatok is up first.

> "Yes to the person in the... wolf costume"

/[soatok: angel]---------------------------------------------------------------\
| How do you make unstealable money that can also be spent?                    |
\------------------------------------------------------------------------------/

> David: Fine question. "Don't know, the engineers have to figure it out."

> Troy: Reality and humans operate at a different scale than quantum. Think not
> just the grand future but also the hard questions like the nature of warfare
> online.

/[cendyne: raised-brow-webcam]-------------------------------------------------\
| Mmm kay. Not addressing the question or David's response.                    |
\------------------------------------------------------------------------------/

Unsurprisingly, at least to me, Soatok's question was the most succinct of the
debate. The rest usually grandstanded or spouted a bunch of word salad to fit
in.

/--------------------------[cendyne: tossing-popcorn]--------------------------\
\------------------------------------------------------------------------------/

A fair question was:

> "Do you think that quantum will evolve without government influence"

David relates it to how crypto-currency has evolved in the free market. Troy
parrots himself, saying that government influence in quantum is already
happening and there's no way to change that.

While I wrote other questions and responses down, they are not interesting
enough to include or publish.

What in the world was that
--------------------------

This so-called debate was very manufactured. I don't know if both sides were
doing this for the first time or if they prepared their position on the spot.

David Joseph has a competent talk from the prior year. The contrast between
what I experienced there (a sh*t show) and this talk about a pay-walled paper,
Transitioning organizations to post-quantum cryptography [L5], made me doubt it
was the same person.

/------------------------------------------------------------------------------\
| Quantum Village                                                              |
|------------------------------------------------------------------------------|
| Youtube Video [L6]                                                           |
| Start Now or Else! - David Joseph | Quantum Village @ DEF CON 30 [L7]        |
| 8/20/2023                                                                    |
\------------------------------------------------------------------------------/

David Joseph appeared to discard his position as a researcher to wear the cape
of a crypto-currency junkie — even through the questions. When asked by Soatok
about one of his promises of the future, he responded with "the engineers have
to figure it out." Aren't you a researcher? Aren't you qualified to have a
grounded opinion on this? Or is the research in this field on using quantum
technology just as ungrounded and without fruit?

I cannot find much about Troy Mills except that he is the CEO of Multispective
Solutions.

Soatok's addendum
-----------------

> Even with a Herculean effort by NIST to standardize robust post-quantum
> cryptography (KEMs and signatures), and a commitment by tech industry leaders
> (Mozilla, Google, etc.) to deploy it as soon as possible, there is a Last Mile
> problem that will ultimately make quantum computers a net-negative for privacy
> on the web.
>
> There are still websites today that do not support TLS. Of the websites that
> do, there are still many more that do not support TLS 1.3. (Only 62.1% do,
> according to Essential SSL Stats for an Industry Overview [L8].)
>
> One reason for this delayed TLS 1.3 deployment is likely OpenSSL's versioning
> and FIPS story: You need OpenSSL 1.1.1 or newer for TLS 1.3, but there was
> never a FIPS version of OpenSSL 1.1.1; only 1.0.2 and 3.0.x were FIPS
> validated. This means that operating systems (which need FIPS validation to
> meet Common Criteria requirements) were less likely to ship 1.1, and there
> were a few years of lag between 1.1.1 and 3.0.0.
>
> I anticipate that, even with the ongoing work on post-quantum cryptography
> today, it will be several years before mainstream deployments are complete
> (i.e. to get where TLS 1.3 is today), and at least a decade before it's
> ubiquitous.
>
> The only saving grace here is, ironically, how glacially the advancements in
> quantum computing are. We haven't broken a factoring record in 11 years. So
> it's likely that post-quantum will win in the end. But if quantum won today,
> it would be an unmitigated privacy disaster long before we saw any benefits.

Soatok also published DEFCON Quantum Village 2: Electric Boogaloo - Dhole
Moments [L9], where he has several constructive recommendations for Quantum
Village. His stumping question sparked an interesting conversation afterwards
in the Quantum Village discord. See the quote by QuantumNerd#0000 in his
article.

--------------------------------------------------------------------------------

Transport Layer Security (TLS):
A protocol, sometimes confused with SSL (its predecessor), which enables plain
text protocols like HTTP to operate over a secure channel. The channel
establishes a symmetric key with asymmetric cryptography and allows for
authentication of server to client. When the client authenticates to the server
over TLS, it is called mutual-TLS, or mTLS.

Key Encapsulation Mechanism (KEM):
Key Encapsulation Mechanisms [L10] are a generalized category of establishing
symmetric key material between two parties. The symmetric material may be sent
by one party to the other, or be derived from a shared calculation with a tool
like HKDF. KEMs are not necessarily Diffie-Hellman key exchanges, which have
known optimizations such as ephemeral keys to allow for fewer network round
trips. There are several KEM post-quantum cryptography candidates.

National Institute of Standards and Technology (NIST):
NIST [L11] is a standards-focused agency of the U.S. Department of Commerce.
They explore and challenge several areas of science and technology. One of
those areas is cryptography. NIST has a negative record in its history where it
recommended Dual_EC_DRBG [L12], which the NSA bribed the industry to adopt.
The construction was found to have a backdoor that can be used if certain
secret information is known. Since then, they have been acceptable stewards of
cryptography recommendations. Today, they direct a post-quantum cryptography
competition [L13] in anticipation of trusted cryptography like RSA, ECDSA and
ECDH becoming weak in the face of sufficiently capable quantum computers.

HMAC-based key derivation function (HKDF):
Hash-based Message Authentication Code (HMAC)-based key derivation function, or
HKDF, is a concrete KDF implementation which uses HMACs to derive new key
material. HKDF specifically employs two stages: extract and expand. The extract
stage produces a temporary key derivation key which is uniformly random for the
expand stage. The expand stage produces the requested length and binds the
output to the domain provided in the context or info parameter.

Federal Information Processing Standards (FIPS):
Federal Information Processing Standards [L14] are standards and guidelines
developed by NIST to set the requirements that are suitable for U.S. government
operations. These standards are often conservative or even seen as outdated.
Being FIPS certified does not mean that the product is well constructed or
secure, only that the cryptography involved is selected entirely from the
offerings blessed by FIPS.

Key Derivation Function (KDF):
A Key Derivation Function or KDF takes a secret and can produce longer secrets
from it for use in other applications. Since its output must be uniformly
random, you will find a KDF relies upon PRFs to produce the desired output.
To make longer outputs than the PRF supports, often a PRF gets a counter as
part of its input which is incremented as needed until enough output data is
available.

Pseudo Random Function (PRF):
A Pseudo Random Function or PRF is a keyed function that produces uniformly
random data. It takes an input and reliably produces the same output with a
fixed length. It sounds a lot like a hash function, and often is made with a
hash function with additional mechanics around it.

Hash based Message Authentication Code (HMAC):
An HMAC is a MAC which uses hashes or message digests to authenticate a
message. It is resistant to length extension attacks, which the underlying hash
function may be susceptible to. You will find that common instantiations of
HMAC are also PRFs.

[L1]: https://www.linkedin.com/in/david-joseph-781693105/
[L2]: https://www.linkedin.com/in/troy-mills-98619018a/
[L3]: https://twitter.com/hashtag/Quantum
[L4]: https://twitter.com/bobgourley/status/1690130074421592066
[L5]: https://www.nature.com/articles/s41586-022-04623-2
[L6]: https://youtu.be/cbXbo-x_8iQ
[L7]: https://www.youtube.com/watch?v=cbXbo-x_8iQ
[L8]: https://www.ssldragon.com/blog/ssl-stats/
[L9]: https://soatok.blog/2023/08/20/defcon-quantum-village-2-electric-boogaloo/
[L10]: https://en.wikipedia.org/wiki/Key_encapsulation_mechanism
[L11]: https://www.nist.gov/
[L12]: https://en.wikipedia.org/wiki/Dual_EC_DRBG
[L13]: https://en.wikipedia.org/wiki/NIST_Post-Quantum_Cryptography_Standardization
[L14]: https://www.nist.gov/standardsgov/compliance-faqs-federal-information-processing-standards-fips
[I1]: https://c.cdyn.dev/3VKVZwzb