Two papers came out last week that suggest classical asymmetric cryptography might indeed be broken by quantum computers in just a few years.

That means we need to ship post-quantum crypto now, with the tools we have: ML-KEM and ML-DSA. I didn't think PQ auth was so urgent until recently.

https://words.filippo.io/crqc-timeline/

A Cryptography Engineer’s Perspective on Quantum Computing Timelines

The risk that cryptographically-relevant quantum computers materialize within the next few years is now high enough to be dispositive, unfortunately.

@filippo

Considering the stakes, combined with the scope of resources some superpowers possess, plus the "disclose this and it might cost you your _life_" level of "NDA" they enforce, I wouldn't count on "a few years". Might already be here?

I suspect anyone who might have the actual info as to what the state-of-the-art crypto-breaking capabilities are at the level of a military superpower certainly isn't in a position to talk openly about it.