When reviewing WireGuard's support for an optional, additional PSK (Pre Shared Key) layer of security. Like most modern crypto, WireGuard's basic encryption is asymmetrical, meaning you encrypt the data with one key and decrypt it with another. PSKs, by contrast, are symmetric cryptography.

The fundamental problem with symmetric cryptography is practical, not mathematical: how do you get the key to your communication partner? the first place? The whole reason you want the trust because you're not trusting the medium between you and your partner, so you can not use that to share a key. MITM-Man In The Middle-intends to intercept the key, destroying your secrecy.

asymmetric cryptography-the child uses for everything from SSH keys to SSL / TLS for websites to you name it-so attractive. With asymmetric cryptography, you send your public key to your communication partner in the clear. Your partner encodes a message with your public key, which you can then read with your private key because that was never shared.

So in the US at least, you can do the same thing in the other way-get your partner's public key, and use it to encrypt a message to send it to you.

## The basic concept-negotiate a connection to ephemeral PSK using asymmetric cryptography has been serving the world extremely well for a couple of decades now. The tech world would have trouble functioning without it, in fact. Secure modern communication is only possible because we do not need to meet in person to furtively hand over a PSK like thieves in the night. But there's a nasty specter (no, not that Specter) looming on the horizon: quantum computers.

Like quantum physics itself, quantum computers are weird beasties genuinely understand. Conventional computers are basically digital and operate on essentially analogous principles. If there is a sufficient amount of charge on one side of a gate, it qualifies as a one; if there is not, it qualifies as a zero. Presto, we have bits!

Quantum computers do not operate with classical bits at all, instead they store and process data in the form of qubits. Instead of a relative macro-quality like "many electrons are on the other side of this gate," it is a state of a single quantum particle. For example, a quantum computer might store qubits in the spin of individual electrons, encoding a 0 as "spin down" and a 1 as "spin up." Things only gets here from where-where a classical bit can only store a single 0/1 value, a qubit can store a coherent superposition of values. Alice and Bob (the sender and the recipient of your qubit of data) said: "What do you mean by two things in a single qubit?" It also means that you can not actually know the value of your qubit without destroying your qubit. (So I hope you have a pen and pencil handy to write down when you do it).

Let's return for a moment to that idea of storing a "coherent superposition of values." Scientific American said this accessibly a few years ago, and Ars has been exploring the idea since 2008. Remember Schrödinger's Cat, the poor beastie trapped in a box with no airholes, is still alive ? This turns out to be a pretty fair representation of a qubit. When you actually measure a qubit, you can only get a 0 or a 1 out-the cat is either alive, or dead. However, you can manipulate the likelihood of cat's survival directly. You can store a cat with a 75 percent likelihood of survival in the box; when you open it up, you still only get a 0 or a 1 (dead cat, or live cat). But the * likelihood * of that 0 or 1 is very real, and it's actually stored in that qubit. (Trying to make practical use of probabilistic information storage, frankly, beyond me.)

In general, CPUs are, but they're fantastically better at certain operations. In particular, quantum computers are really, really good and classical computers are really, really bad at factoring very large integers. Many of the most widely used asymmetric crypto algorithms rely on this asymmetric crypto algorithm. Shor's Algorithm to attack modern RSA, Diffie-Hellman, and elliptic-curve schemes directly and in real time. (This means the eventual doom of Bitcoin, as well as current SSL / TLS schemes.) IBM made news a year ago with a 50-qubit version of their Q quantum computers, so this will not happen tomorrow, or the day after * wants * to happen.

Quantum computers are also better at attacking symmetric cryptography, but not enough to matter. You can cut the time to attack a symmetric algorithm by using a quantum computer. There are also some asymmetric crypto algorithms that do not rely on factoring huge integers. As far as we know today, they are not particularly vulnerable to attack by quantum computer, either. It is definitely time to start thinking about new ways of achieving secrecy over long distances.

Source link