Researcher Ed Gerck has announced that he has broken RSA 2048, a proclamation that, if true, puts the world’s security measures at risk. He even claims that the originator of the RSA standard, Ron Rivest, who is the ‘R’ in RSA, is a dear friend. It is also claimed that there is more than one googol worth of states (1 googol = 1 x 10^100) that he can compute. Gerck, a researcher who is the founder of what appears to be his research establishment, Planalto Research, has made the headline claims, which, if taken at face value, threaten the most secure version of the RSA security protocol.
To make matters more interesting, it is claimed the calculations were done on a commercial cellphone with no recourse to a specialist device, which would pretty much throw the current nascent area of quantum computing under the metaphorical bus if proven to be correct.
Gerck also calls for a quantum computing resistant algorithm because all existing public key cryptographic schemes are at risk and calls upon the US NIST to deprecate RSA today, citing SNDL. The paper “QC breaks 10^1000 decimal digits cryptography in a cellphone” has not been formally published but scientists and researchers will be requesting the paper. We have reached out to Ed Gerck and asked for a copy of the publication and further comment.
“Store Now, Decrypt Later” (SNDL), also known as “Harvest Now, Decrypt Later” or “Retrospective Decryption”, is a surveillance strategy that relies on the acquisition and long-term storage of currently unreadable encrypted data. The idea is to wait for possible breakthroughs in decryption technology that would render the encrypted data readable in the future.
RSA 2048 Cryptographic Standard
RSA-2048 has 617 decimal digits (2,048 bits). It is the largest of the RSA numbers and carried the largest cash prize for its factorization, $200,000. RSA-2048 is considered by many to be currently impossible to factor. It may not be factorizable for many years unless considerable advances are made in integer factorization or computational power. Of course, Peter Shor’s algorithm might pose a threat to such schemes, but the relatively small numbers that can be factorized with a quantum computer do not appear to be an immediate threat to the RSA 2048 standard.
“QC breaks 10^1000 decimal digits cryptography in a cellphone”: Abstract.
According to Ed Gerck PhD…
One needs a quantum-resistant algorithm because all existing public-key encryption can be broken. There are two types of quantum computing (QC) techniques: with complex numbers, and without. The former include: Shor’s algorithm, adiabatic QC, quantum annealing principles, and others. Capital cost is about $10M. The latter is the simultaneous, multifactor logic, with ‘all states at once’ technique of QC, proposed by Planalto Research and us.
We factored more than 10^1000 decimal digits, and the capital cost was less than $1,000. This work shows that RSA-2048, once challenging, and the main public-key encryption, is broken by our QC in a cellphone, in seconds. The motivation for this work was exploring objective periodicity (by using physical laws), a collective property, as providing prime numbers in the set N — a “wormhole” linking physics with mathematics. No cryogenics or special materials were used, with only commercial hardware. We report that a post-quantum, HIPAA compliant, end-to-end, patent-free, export-free, secure online solution, is being created, with ZSentry as used from 2004 to 2014, to replace RSA. This will be pursued publicly as an IETF RFC, and as a NIST submission.
Validating the Claims of cracking RSA-2048
As yet, there is no peer review for the paper that Ed Gerck has published, and we might be waiting a while before the security community can look into it to decide the validity of the claims. We are skeptical, it has to be said. While there might be some aspect that has been overlooked, with so many researchers studying the space, it does seem unlikely that something so seemingly obvious would be forgotten. Nevertheless, we should take claims at face value and validate or disprove them – after all, this is how science works, or at least should work!
We expect that researchers in the field will quickly refute the claims after they have the chance to digest the work. Complexity researcher Scott Aaronson – we’re looking at you! Scott and his graduate student have, in the past, found unknown classical algorithms that have shown speed-up. You might say the jury is still out on this one. Extraordinary claims require extraordinary proof.
Who is Ed Gerck?
Dr. Gerck earned his Ph.D. in Physics, which laid the foundation for his analytical approach to digital security. Early in his career, he focused on the development of cryptographic methods and trust frameworks. His work has often intersected with foundational aspects of internet security, including the development of protocols that remain in use today.
Furthering his research, Gerck led his doctoral studies in quantum optics and postdoctoral research at the Max-Planck-Institut für Quantenoptik in Munich from 1979 to 1983. There, he developed new models for atomic photodissociation lasers and discovered new laser lines, influencing the University of Wuppertal to develop new molecules for iodine laser action. His work demonstrated the limitations of the iodine laser for high-power laser fusion.
One of Dr. Gerck’s key areas of interest is the concept of digital trust. He has developed models that address the complexities of establishing trust over digital mediums, which is critical in the era of internet communication and e-commerce. His work in this area has influenced how trust is managed and implemented in digital transactions.
Gerck’s involvement in the field began in earnest in the 1990s, and he was instrumental in the early development of digital certificates and the concept of trust in a network context. He is recognized for his work on the Multi-Trustee PKI model, which was a shift from the traditional single-trustee system, allowing for a more nuanced and distributed approach to trust.
In 2000, he moved to the United States to work for Safevote, garnering approvals for secure and private voting methods in Sweden and by MIT-Caltech. His patented work has been influential in the field of voting, and he has been recognized by the state of California for innovative shadow voting.
He was also a key contributor to the Email Security Protocols during the early days of the Internet, where he advocated for the use of encryption and secure keys to ensure privacy and security in digital communications. His influence extended to the development of protocols such as Secure Multipurpose Internet Mail Extensions (S/MIME), which is widely used for securing emails by encrypting them and allowing for digital signatures.
In addition to his technical work, Gerck has been involved in various committees and organizations focused on digital security, and he has published numerous papers on trust, security, and the nature of digital certificates. His academic and practical insights have guided the development of frameworks and policies surrounding digital trust and the establishment of secure, reliable communication networks.
Ed Gerck has published around 220 academic papers.
Today, we could announce it. Quantum computing (QC) has become a reality. We broke the RSA-2048 key. Ron Rivest is a dear friend, but that was needed to advance.
Ed Gerck
The QC version used here has simultaneous multiple-states logic (following ‘all states at once’), with more than a googol of possible states.
We show that the equivalence of QC techniques (with IBM, Google and others compared with our version of QC) has been hidden for about 2,500 years – since Pythagoras.
All our QC computations were done in a commercial cellphone, or a commercial Linux desktop, as our QC devices — opening the user market to many industries. No cryogenics or special materials were used.
A post-quantum, HIPAA compliant, end-to-end, patent-free, export-free, secure online solution, is being created, based on ZSentry as used from 2004 to 2014, to replace RSA. One needs a quantum-resistant algorithm, because all existing public-key encryption can be broken.
The U.S. NIST needs to deprecate RSA today! Otherwise, SNDL continues.
