Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique

Share this post

TechLetters #173 Weakened post-quantum LWE crypto. AI risk assessment goes out of the window.

techletters.substack.com

TechLetters #173 Weakened post-quantum LWE crypto. AI risk assessment goes out of the window.

Apr 15, 2024
1
Share this post

TechLetters #173 Weakened post-quantum LWE crypto. AI risk assessment goes out of the window.

techletters.substack.com
Share

Security

Breaking post-quantum cryptography? "We provide a polynomial time quantum algorithm for solving LWE (learning with errors) with certain polynomial modulus noise ratio." If it holds, this means that the enthusiasm for some of the post-quantum cryptography candidates was too premature. Note: the proof is very long, and very complex, even for quantum standards. Also, it does not actually break the NIST-standardised algorithms but it is the first quantum on LWEs and would put a dent to guarantees.

EU goes post-quantum. The European Commission has issued an official recommendation that EU Member States prepare to move to post-quantum cryptography (it will be monitored). Let's hope the transition won't be towards weak ciphers.

Subscribe for free to receive new posts and support my work.

Germany announced the establishment of a fourth branch of armed forces. Inclusion of Cyber Warfare and Information Warfare forces, as a separate branch of the Bundeswehr. The military will be preparing to be war-ready.

AI risk assessment troubles. With its rapid development, risk assessment process of LLM/AI is becoming unsustainable and uncontrollable. “Another growing concern about public tests is that models’ training data can include the precise questions used in evaluations.”

Cyber espionage operation targeting Android users in India and Pakistan detected. Apps pretending to have "useful" functions, like messengers. Small in scope (not many users). May increase when third-party app marketplaces with easy-to-install apps emerge thanks to Digital Markets Act?

Privacy

American Privacy Rights. Proposal of U.S. Federal data protection regulation. "American Privacy Rights". It would be different to GDPR but cover (also) more specific things like data brokers or targeted advertising. It would allow schemes like 'See Ads or Pay Fee' (like Meta introduced). It introduces Privacy Impact Assessment (see e.g. here here or here), and Algorithmic Impact Assessment. It's also a cybersecurity regulation: "covered entity and service provider shall establish, implement, and maintain reasonable data security practices"

Technology Policy

Other

Russian-Chinese collaboration carried out the experiment of transferring quantum-secured data. Quantum key distribution data exchange over a distance of over 3,800 km using space satellite. "sifted key of 2.5Mb, final key length of 310kb"

In case you feel it's worth it to forward this content further:

Subscribed

If you’d like to share:

Share

1
Share this post

TechLetters #173 Weakened post-quantum LWE crypto. AI risk assessment goes out of the window.

techletters.substack.com
Share

Discussion about this post

No posts

Ready for more?

© 2024 Lukasz Olejnik
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture
Share