Researcher Claims to Crack RSA-2048 With Quantum Computer

As Ed Gerck Readies Research Paper, Security Experts Say They Want to See Proof

A scientist claims to have developed an inexpensive system for using quantum computing to crack RSA, which is the world's most commonly used public key algorithm.

See Also: Live Webinar | Generative AI: Myths, Realities and Practical Use Cases

The response from multiple cryptographers and security experts is: Sounds great if true, but can you prove it? "I would be very surprised if RSA-2048 had been broken," Alan Woodward, a professor of computer science at England's University of Surrey, told me.

The scientist making the claim is Ed Gerck. According to his profile on LinkedIn, where he also posted his announcement of the RSA crack, he's a quantum computing developer at a firm he founded called Planalto Research in Mountain View, California, among other jobs.

"Quantum computing has become a reality. We broke the RSA-2048 key," Gerck said.

Many cryptographers believe that the most viable approach to this problem will involve using a quantum algorithm developed by Peter Shor in 1994 to find the prime factors of an integer, once a sufficiently powerful quantum computer is built to run the algorithm against the likes of RSA-2048.

"Breaking RSA is usually attempted by using Shor's algorithm in a quantum computer but there are no quantum computers in existence that can produce enough gates to implement Shor's algorithm that would break 2048 keys," Woodward said.

Gerck said all his "QC computations were done in a commercial cellphone, or a commercial Linux desktop," at a capital cost of less than $1,000. "No cryogenics or special materials were used."

Reached for comment, Gerck shared a preprint of his research paper, titled "QC Algorithms: Faster Calculation of Prime Numbers" and co-authored with Ann Gerck. An abstract for the paper is available online. In it, the researchers write that instead of using Shor's algorithm to crack the keys, they employed a system based on quantum mechanics that can be run using off-the-shelf hardware.

I asked Gerck if this was theoretical, or if they had cracked RSA-2048 in a real-world setting, if they planned to demonstrate this to any quantum computing experts who might vouch for their findings, and when their peer-reviewed findings would be published.

He responded, "We broke a public RSA-2048. We cannot risk impersonation."

Woodward, after reviewing the Gercks' research paper, said it appears to be "all theory proving various conjectures - and those proofs are definitely in question."

He added, "I'll believe they have done this when people can send them RSA modulus to factor and they send back two primes. Until I see that, I'm just confused and not convinced they've done what they claim in the headlines."

Anton Guzhevskiy, the chief operating officer at Australian cybersecurity firm ThreatDefence, also challenged Gerck to prove his claims. "I've shared an RSA-2048 public key and a corresponding private key encrypted by this public key. If you can decrypt the private key, you can sign some piece of text with it, which will prove that you are in possession of the private key," he said in a response to Gerck's post on LinkedIn. "Can you do it?"

"There is a publication delay, and I do not control that," Gerck responded.

Full Story