A commercial smartphone or Linux computer can be used to crack RSA-2048 encryption, according to a prominent research scientist. Dr Ed Gerck is preparing a research paper with the details but couldn’t hold off from bragging about his incredible quantum computing achievement (if true) on his LinkedIn profile. Let us be clear: the claims seem spurious, but it should be recognized that the world isn’t ready for an off-the-shelf system that can crack RSA-2048, as major firms, organizations, and governments haven’t yet transitioned to encryption tech that is secured for the post-quantum era.
In his social media post, Gerck states that a humble device like a smartphone can crack the strongest RSA encryption keys in use today due to a mathematical technique that “has been hidden for about 2,500 years – since Pythagoras.” He went on to make clear that no cryogenics or special materials were used in the RSA-2048 key-cracking feat.
BankInfoSecurity reached out to Gerck in search of some more detailed information about his claimed RSA-2048 breakthrough and in the hope of some evidence that what is claimed is possible and practical. Gerck shared an abstract of his upcoming paper. This appears to show that instead of using Shor’s algorithm to crack the keys, a system based on quantum mechanics was used, and it can run on a smartphone or PC.
In some ways, it is good that the claimed breakthrough doesn’t claim to use Shor’s algorithm. Alan Woodward, a professor of computer science at the University of Surrey, told BankInfoSecurity that no quantum computer in existence has enough gates to implement Shor’s algorithm and break RSA-2048. So at least this part of Gerck’s explanation checks out. However, the abstract of Gerck’s paper looks like it is “all theory proving various conjectures – and those proofs are definitely in question,” according to Woodward.
The BankInfoSecurity report on Gerck’s “QC Algorithms: Faster Calculation of Prime Numbers” paper quotes other skeptics, most of whom are waiting for more information and proofs before they organize a standing ovation for Gerck.
If you head over to Dr Gerck’s LinkedIn post you can see that the scientist has been busy answering community queries ahead of a full paper publication. He also isn’t afraid of stoking controversy by saying the likes of IBM and Google are “plain wrong” in their interpretations of superposition and entanglement in quantum computing.
Gerck is the developer of a “post-quantum, HIPAA compliant, end-to-end, patent-free, export-free, secure online solution” for cryptography, which he says can be used to replace RSA. This would be handy if his RSA-2048 cracking claims are correct. Naturally, that also raises the question of whether this ‘crack’ is merely a publicity stunt for his product.
We will watch with interest to see how this RSA-2048 cracking story develops. It looks almost like a new LK-99 moment, but could have even greater impacts on our lives if the headline claims survive scrutiny.