I just watched a wonderful video about post-quantum encryption by Veritasium.

youtube link: https://youtu.be/-UrdExQW0cs

invidious link: https://invidious.nerdvpn.de/watch?v=-UrdExQW0cs

#encryption #security #postquantum

#EH20 Rosenpass – Ein #VPN zum Schutz vor #Quantencomputern
#ccc

https://piped.sp-codes.de/watch?v=ZxXDNFUN2Z4

https://media.ccc.de/v/eh20-4-rosenpa

Post Quantum Crypto für WireGuard VPN

Rosenpass ist ein neues #FOSS Projekt, in dem wir ein Add-on für #WireGuard entwickeln, das #PostQuantum Sicherheit ermöglicht.

Moderne asymmetrische Kryptografie basiert auf mathematischen Problemen, die von heutigen Computern nicht effizient gelöst werden können. Quantencomputer könnten diese Probleme mit Hilfe von Shors Algorithmus lösen, damit werden viele der modernen Kryptosysteme unbrauchbar. Zum Glück hat es aber noch niemand geschafft, einen Quantencomputer zu bauen, der ausreichend mächtig ist, um in der Praxis kryptografische Verfahren brechen zu können.

Dennoch ist es wichtig kryptografische Verfahren zu entwickeln, die auch von Quantencomputer nicht angegriffen werden können, um vorbereitet zu sein, sobald Quantencomputer einsatzfähig sind. Insbesondere Angriffen, bei denen verschlüsselte Daten heute gespeichert werden, um sie, ....

This was a common thread at yesterday's #RealWorldPQC conference as well: hashing is dominating the costs of post-quantum algorithms! (c/f using classical elliptic-curve crypto, where the cost is usually dominated by point addition and scalar multiplication).

https://iacr.org/submit/files/slides/2023/rwc/rwc2023/68/slides.pdf

#RealWorldCrypto #PostQuantum #Dilithium

https://www.securityweek.com/ai-helps-crack-a-nist-recommended-post-quantum-encryption-algorithm/

This is one of the most dishonest and misleading articles I've seen in a while, and I generally have very low expectations of tech journalists.

CRYSTALS KYBER isn't broken. This article is about side-channel attacks, which 1) are not a break against the cipher itself, and 2) are to be expected, and will be addressed over time.

The author also spends half the article regurgitating points from snake oil vendors... [1/n]

#crypto #cryptography #PostQuantum

Currently reading up on the SPHINCS+ spec to try to keep a little on top of developments in the post quantum cryptography field, and to distract myself from the boring as sin meetings I've had to deal with at work lately. Really liking some of the methods used to address a few of the early issues with SPHINCS, especially tree-less WOTS+ public key compression.

Maybe next I'll take some time to go laugh at some doomsayer who preaches that encryption will die when quantum computing is just a little further along.

https://sphincs.org/data/sphincs+-r3.1-specification.pdf

#Cryptography #Encryption #PQC #NIST #PostQuantum

Has anyone made first personal steps in migrating towards #postquantum #cryptography? I know it is a bit waste of time at this point to try to pick one of the options / libraries for use before they are better integrated, but still interesting.

I am afraid that if current encryption schemes are broken by #quantumcomputing it will more like being hit by a deadly meteroit then an earthquake. ☄️ This will not leave any technological component untouched.

"Quantum computing looms in our future like a technological earthquake, because quantum decryption threatens to compromise a foundational element of data encryption schemes."

#pqc #postquantum #cryptograhpy #cryptoagility

https://www.mondaq.com/unitedstates/fin-tech/1267752/quantum-computing-the-looming-threat-of-quantum-decryption

@mullvadnet Another request for you to bring back #postquantum #wireguard, please. #privacy

Biden Signs Post-Quantum Cybersecurity Guidelines Into Law. The new law holds the US Office of Budget and Management to a road map for transitioning federal systems to NIST-approved PQC.
https://www.darkreading.com/risk/biden-signs-post-quantum-cybersecurity-guidelines-into-law #cybersecurity #PostQuantum #Law #QuantumComputing #cryptography

I wonder if any #passwordmanager like #lastpass or #bitwarden are planning yet for #postquantum #quantumcomputing threats?
And as a nontechnical consumer, I’m wondering: will #2fa #2factorauthentication protect one from a #quantum attack?

Returning to pre-pandemic participation at the #IETF115 hackathon: #IETFHackathon co-chair @eckelcu writes about the 39 projects with 450 registered participants covering a broad range of tech including #DNS #IOT #SRv6 & #postquantum https://www.ietf.org/blog/ietf115-hackathon/

Hybridization with Kyber 768 of our CoverCrypt (https://github.com/Cosmian/cover_crypt) application-level encryption scheme is fast: ~500 microseconds encrypting or decrypting. Post-quantum big data is practical!

The only post-quantum public key scheme with attributes-based access policies, 100% designed in France, and 100% open source, so you know exactly what protects your (big) data.

#postquantum #cryptography #cybersecurity #cyberattacks #dataleaks #quantumcomputing #dataencryption

i needed to wake up my 🧠 post 🦃 coma. @DelendumV to the rescue! their zkp knowledge base is well-organized and quality https://kb.delendum.xyz. my 🧠 thanks you! #ZeroKnowledge #privacy #scalability #interoperability #composability #PostQuantum

i needed to wake up my 🧠 post 🦃 coma. @DelendumV@twitter.com to the rescue! their zkp knowledge base is well-organized and quality https://kb.delendum.xyz. my 🧠 thanks you! #ZeroKnowledge #privacy #scalability #interoperability #composability #PostQuantum

@cpl #KeepassXC is not #PostQuantum resistant. Nothing is that is available for this purpose.

The point i have about it is, we are certainly moving in that direction. When you put a database, encrypted or not on another server anywhere, you no longer have control over it. You will never know what becomes of it, you have no assurance it can be deleted and no assurance it was not compromised in transit.

Given this, best practice tells you the obvious, don't do it.

"Quantum computers are a boon and a bane."

#postquantum #quantumcomputing #cryptography #pqc

https://blog.cloudflare.com/sizing-up-post-quantum-signatures/

Been reading up on the round 4 submission of BIKE for the NIST PQC candidates. I like their approach, though I'm not yet entirely sold on weak keys having negligible impact on the DFR. Going to read up on Valentin Vasseur's Phd thesis on it and see if he makes a strong enough case for it as BIKE seems to conclude.

- https://bikesuite.org/files/v5.0/BIKE_Spec.2022.10.10.1.pdf
- https://tel.archives-ouvertes.fr/tel-03254461/document
#Cryptography #NIST #PQC #PostQuantum

White House begins transition to #PostQuantum #cryptography for federal agencies, conducts inventory of cryptographic systems: https://industrialcyber.co/news/white-house-begins-transition-to-post-quantum-cryptography-for-federal-agencies-conducts-inventory-of-cryptographic-systems/ | #QuantumComputing #infosec

White House Begins to Push Federal Post-Quantum Cryptography Migration - Nextgov

https://www.nextgov.com/cybersecurity/2022/11/white-house-begins-push-federal-post-quantum-cryptography-migration/379936/ #postquantum #cryptograpy

Google is already using #postquantum #cryptography candidate algorithms for some internal comms. https://cloud.google.com/blog/products/identity-security/why-google-now-uses-post-quantum-cryptography-for-internal-comms