home.social

#post-quantum-cryptography — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #post-quantum-cryptography, aggregated by home.social.

fetched live
  1. Are we any closer to the Quantum Apocalypse?

    Another day, another urgent pronouncement on the need to transition to post-quantum cryptography ASAP: this one from the White House, in the form of an Executive Order requiring certain “high value” systems to transition to post-quantum cryptography (PQC) by the end of 2030 (for key exchange) or 2031 (for signatures). This brings forward the date slightly compared to previous guidance, which disallows quantum-vulnerable crypto for US Federal systems by 2035. But is this urgency justified?

    First, an important note: as you can probably tell already, I’m going to pour some skepticism on this sense of urgency. I don’t think cryptographically-relevant quantum computers are coming soon. However, that doesn’t mean we shouldn’t be prepared! The risk that they might appear soon is non-negligible, and the impact of them appearing for many applications is catastrophic. Sensible timelines to mitigate known threats are justified, panic-induced rushing is not. On with the article…

    Filippo Valsorda wrote a good piece about why he believes this urgency is justified, and that we need to be moving faster towards a post-quantum world. He cites two papers that dramatically reduce the estimates for how many qubits are needed to break classical cryptography (in this case elliptic curves) using a quantum computer. He writes:

    “Overall, it looks like everything is moving: the hardware is getting better, the algorithms are getting cheaper, the requirements for error correction are getting lower.”

    But is the hardware getting better? This is where I have doubts. Initial timelines for quantum computing from Google and IBM were extremely optimistic. Just 5 years ago, Google suggested they would have a fault-tolerant quantum computer with 1,000,000 physical qubits by 2029. They are currently at 105. So just 4 orders of magnitude to go in the next 3 years. IBM were a bit more conservative, anticipating 100,000 qubits by 2033. They are currently at 156 qubits.

    Sam Jacques has been updating a useful chart every year, showing the current state of quantum computing progress. Below shows a comparison of the first chart he published in 2023 and the most recent one in 2026. What can clearly be seen is how better analysis has moved attacks down and to the left, but actual hardware progress has remained stubbornly in that little grey box, with a tiny nudge upwards on reducing the error rate.

    Comparison of quantum computing landscape 2023 vs 2026.
    Source: https://sam-jaques.appspot.com/quantum_landscape

    Now, you may say that there has been good progress on improving error correction. For example, at the end of 2024, Google announced “below threshold” quantum error correction. Surely a sign of good progress, even if the number of qubits was behind schedule. Once you’ve cracked error correction, the qubits will come thick and fast: an atomic explosion of qubits, if you will. (If you believe this then it doesn’t really matter how much more efficient the attacks become on paper: all that matters is how soon the hardware arrives). But I do wonder how that announcement was different from the announcement Google made almost 2 years earlier stating “For the first time ever, our Quantum AI researchers have experimentally demonstrated that it’s possible to reduce errors by increasing the number of qubits.” Call me skeptical, but if you were really making progress then would you need to put out re-runs of results you’ve already announced? Are there new chips coming that build on this breakthrough to give us the large numbers of usable qubits we’ve been promised?

    Maybe I’m about to be proved wrong by new announcements, or maybe all of the companies and governments involved in the entire world have suddenly decided to keep their progress hush-hush. But from my point of view as an outsider looking in, it all looks suspiciously like progress on quantum computing has stalled rather than the sky being about to fall on our heads.

    To reiterate: I still think it is sensible to be working right now on transitioning to post-quantum encryption (in a hybrid). But I am deeply skeptical of the idea that we need to rush things because quantum computers are arriving any second now. As I said in “Are we overthinking post-quantum cryptography?”, I think if you’re not beholden to the diktats of an insane autocrat, making minimal adjustments to ensure you can counter “store now, decrypt later” attacks is sensible. Wholesale replacement of all of your cryptography with post-quantum alternatives is IMO still in the realm of something to start thinking about, not a burning crisis that needs immediate attention.

    The key things to consider have nothing to do with PQC at all: Can I change algorithms easily and securely? Do I need to be using public key cryptography, or will symmetric cryptography do instead? (Hint: if it doesn’t cross a trust boundary, then the answer is almost always “yes”). Can I avoid digital signatures (the post-quantum ones are mostly crap)? Can I avoid cryptography entirely? (E.g., moving from “stateless” JWTs to good old-fashioned stateful tokens/cookies).

    #cryptography #postQuantumCryptography #standards
  2. The transition to Post-Quantum Cryptography in the #Tor network’s #TLS layer is making progress! 😎 We are now at 44.57% of relays supporting the X25519MLKEM768 hybrid handshake. This number is up from 34.65% in March.

    I’ve uploaded a list of relays and their scan results from yesterday on ahf.me/tor-tls-pqc/2026-06-18/ and wrote an email to the tor-relays@ mailing-list summarising the results in lists.torproject.org/mailman3/

    #cryptography #postquantumcryptography #pqc

  3. The transition to Post-Quantum Cryptography in the #Tor network’s #TLS layer is making progress! 😎 We are now at 44.57% of relays supporting the X25519MLKEM768 hybrid handshake. This number is up from 34.65% in March.

    I’ve uploaded a list of relays and their scan results from yesterday on ahf.me/tor-tls-pqc/2026-06-18/ and wrote an email to the tor-relays@ mailing-list summarising the results in lists.torproject.org/mailman3/

    #cryptography #postquantumcryptography #pqc

  4. Security Leaders Scramble to Accelerate Post-Quantum Cryptography Transition

    The pressing question isn't when quantum computers will crack today's encryption, but whether organizations will be prepared to make the switch to post-quantum cryptography before it's too late. With only 8% of SSH servers currently making the transition, experts warn that the time to act is now.

    osintsights.com/security-leade

    #PostquantumCryptography #CryptographyTransition #QuantumComputing #EmergingThreats #Encryption

  5. Weekend Reading from TechAptitude!

    Get to know new Cryptography Standards (FIPS 20-3, FIPS 204, FIPS 205, FIPS 206) developed by NIST to withstand quantum attacks and prevent the so-called “Q-Day”. Q-Day is an estimate of the point in time when quantum computers will be able to reliably break existing RSA-2048 cryptography. techaptitude.substack.com/p/qu #PQC #NIST #Cryptography #Q_Day #PostQuantumCryptography #Quantum #Encryption #CryptographyAlgorithms #TechAptitude

  6. Weekend Reading from TechAptitude!

    Get to know new Cryptography Standards (FIPS 20-3, FIPS 204, FIPS 205, FIPS 206) developed by NIST to withstand quantum attacks and prevent the so-called “Q-Day”. Q-Day is an estimate of the point in time when quantum computers will be able to reliably break existing RSA-2048 cryptography. techaptitude.substack.com/p/qu

  7. Hybrid Crypto Gains Traction in Quantum-Safe Security Push

    By combining post-quantum cryptography and quantum key distribution, hybrid crypto approaches provide a robust security solution that protects systems even if one layer is compromised. This layered defense offsets the weaknesses of each, ensuring a stronger safeguard against emerging quantum threats.

    osintsights.com/hybrid-crypto-

    #PostquantumCryptography #QuantumKeyDistribution #HybridCrypto #QuantumsafeSecurity #Cryptography

  8. RE: partychickens.net/@mason/11651

    'some governments will require the tools that they use to support post-quantum cryptography in the near future. This means that a lot of companies want post-quantum cryptography, and people will begin to expect it from serious projects'

    #cryptography #publicPolicy #quantumComputing #postQuantumCryptography

  9. RE: partychickens.net/@mason/11651

    'some governments will require the tools that they use to support post-quantum cryptography in the near future. This means that a lot of companies want post-quantum cryptography, and people will begin to expect it from serious projects'

    #cryptography #publicPolicy #quantumComputing #postQuantumCryptography

  10. Hast anyone Seen #postquantumcryptography life in Action?
    What so you think of IT?
    This company offers secure Quantum Key Distribution by sending Photons over Fiber. *impossible of eavesdropping*.... They say

    Here is the Link to the comapny:
    Quantum Security, Now and Forever. | zerothird
    zerothird.com/

    #security

  11. Hast anyone Seen #postquantumcryptography life in Action?
    What so you think of IT?
    This company offers secure Quantum Key Distribution by sending Photons over Fiber. *impossible of eavesdropping*.... They say

    Here is the Link to the comapny:
    Quantum Security, Now and Forever. | zerothird
    zerothird.com/

    #security

  12. Vendor PQC marketing sells urgency before discovery. NIST, NCSC, and CISA say the opposite: start with cryptographic inventory, not an algorithm platform. hackernoon.com/post-quantum-cr #postquantumcryptography

  13. Europe Mandates 2030 Deadline for Post-Quantum Cryptography Rollout

    The French National Cybersecurity Agency is urging a proactive approach to post-quantum cryptography, warning that the transition to quantum-resistant algorithms is a long-term effort that must be initiated now. France has set a 2030 deadline for ministries to deploy post-quantum encryption for sensitive systems.

    osintsights.com/europe-mandate

    #PostquantumCryptography #Europe #France #NationalSecurity #EmergingThreats

  14. Any good #encryption people on here that can tell me what I should be looking to do with Yubikey and PGP for post quantum readiness?

    #postquantumcryptography

  15. Well, it’s good that someone is drawing a line in the Crypto sand.

    Google accelerates its readiness timeline to prepare for “Q-day” with post-quantum cryptography (PQC) migration to 2029. Reminder: Q-day = the date when quantum computing becomes operational and is powerful enough to break the digital signatures that secure the Internet, crypto (blockchain + Ethereum), and just about every other Information system in use today.

    The Bitcoin crypto network relies on ECDSA elliptic curve signatures. techaptitude.substack.com/p/ec With an exposed crypto signature public key, a quantum computer could derive the private key. And then, the crypto assets would be freely available to a hacker.

    Android 17 will integrate ML-DSA, an algorithm standardized by the NIST to secure digital signatures. security.googleblog.com/2026/0

    blog.google/innovation-and-ai/ #Crypto #PQC #PostQuantumCryptography #Cryptography #Google #Quantum #QuantumComputing #Q-Day #BlockChain #ECDSA #NIST #ML-DSA #Security #CryptoSecurity #Internet #TechAptitude

  16. #Google is setting a 2029 timeline for migrating to #postquantumcryptography (#PQC) to secure against future #quantumcomputer threats. This includes prioritising #PQCmigration for authentication services and integrating PQC digital signature protection in Android 17. blog.google/innovation-and-ai/ #tech #media #news

  17. PQC migration is a program, not a patch. I just updated my quantum readiness starting list - curated for security people who need actionable info.

    Takes you from threat understanding → prioritization → running a real migration program with owners, milestones, dependencies, and vendor timelines.

    postquantum.com/quantum-readin

    #PQC #PostQuantumCryptography #InfoSec #CryptoAgility #QuantumSecurity

  18. @mhoye it’s always good to err on the side of stronger rather than weaker crypto where feasible as you’re not only defending comms / data against today’s capabilities but also against future capabilities that can be applied against any captured & stored comms / data by an adversary. it’s already common for nation-state intelligence orgs to position themselves in core comms backbones to collect & store as much as they can that goes across the wire, whether encrypted or not

    the usual caveats about threat models still apply, but threat models can change over time & your #ThreatModel in 5-10 years may include people / orgs / countries that you’re not currently worried about – the adage is “the time for good #OpSec^ is before you know you need good OpSec” 🙃

    Aus gov advice (from #ASD⚹) for agencies is to have quantum-resistant #crypto in place by 2030 & they’re updating the Aus Gov Information Security Manual (#ISM) to reflect developments in post-quantum cryptographic algorithms – see the chapter Guidelines for cryptography at cyber.gov.au/business-governme

    they also have a good overview for smaller orgs – Planning for post-quantum #cryptography at cyber.gov.au/business-governme

    #PostQuantumCryptography
     
     
     
    ^ “operational security” – good security & privacy practices designed to keep you more secure

    ⚹ the Australian Signals Directorate

  19. Yesterday, I ran a scan of the available #TLS cipher suites in the #Tor production network:

    32.32% of our relays currently support the x25519/ML-KEM-768 hybrid #PQC key exchange group.

    Relay operators, let's get this number up! 🤩

    Big thanks to the #OpenSSL team for providing the PQC support here and making it available to all of us! 🎉😎

    More information in lists.torproject.org/mailman3/ and the individual relay results are available from ahf.me/tor-tls-pqc/2026-02-26/

    #crypto #postquantumcryptography

  20. If you are still designing and implementing cryptographic protocols that are insecure against attackers with quantum computers, what is wrong with you?

    Especially for companies there really is no excuse anymore and anyone who still uses pre-quantum crypto by the start of the next year should be fined. I’m sick and tired of the claims that it’s difficult, if you are not even working on it. (Which is evident from the lack of jobs in the field!)

    Maybe I should just start looking at projects, at least of companies and start filing CVEs…
    🤔

    #ITsec #postquantumcryptography #PQC