Filippo Valsorda1d ago

Last year, my position was that we still had time to design PQ authentication mechanisms.

Now, based on the pace of progress and on statements like Google's, I believe:

1. we need to finish rolling out PQ key exchange yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or system

https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/

Quantum frontiers may be closer than they appear

An overview of how Google is accelerating its timeline for post-quantum cryptography migration.

Google
Show threadFrederik Braun �1d ago
@filippo I like their aggressive timeline, but I'm not sure there's any specific argument or reason that explains why it should be expedited. Am I missing something?
Show threadRelish the Cracker
@freddy @filippo as far as I can tell that timeline is because that is the timeline that has been set by NSA / NIST. Google is probably just trying to protect its access to sell devices / services to the government.
Mar 26 at 4:20pmWeb