Two papers came out last week that suggest classical asymmetric cryptography might indeed be broken by quantum computers in just a few years.

That means we need to ship post-quantum crypto now, with the tools we have: ML-KEM and ML-DSA. I didn't think PQ auth was so urgent until recently.

https://words.filippo.io/crqc-timeline/

A Cryptography Engineer’s Perspective on Quantum Computing Timelines

The risk that cryptographically-relevant quantum computers materialize within the next few years is now high enough to be dispositive, unfortunately.

@filippo
> In symmetric encryption, we don’t need to do anything, thankfully

Ok. So the IoT garden must rewind to the Kerberos or physical provisioning. I can't imagine lattices on small silicon yet.

Thank you, Filippo.

@ohir @filippo I’m involved in modernizing crypto for a protocol that needs to work at 9600 baud. These key sizes are going to be a terrible problem… and that’s just the bandwidth side, then there’s RAM and CPU on small embedded devices.
@mikaeleiman @ohir yup, it's not great, but it is what it is. (RAM is kinda fine if you optimize for it, and CPU is actually faster than classical. But yes, size sucks.)
@filippo @mikaeleiman @ohir Small devices which are part of a bigger system, but which are unable to take care of themselves should be behind a gateway/proxy anyway.

@KoosPol @filippo @mikaeleiman
> should be behind a gateway/proxy anyway

IoT devices are not expected to have any external protection. This is a consumer market. We cannot expect a homeowner to provide a secure environment before they change an old dumb LED bulb for a new one equipped with BLE, motion sensors and microphones. Whether they use the "smart" features of this bulb or not.

Then we have many devices mandated by law that must be put in the car for safety and for national security reasons. A prime example is the direct TPMS sensors. E.g. a hackable TPMS in the tire will not deny our abilities to accurately monitor the good actors' movements, but it may afflict our ability to track movements of the bad actors were they able to tamper with the IDs emitted by the tire to mimic a secure-facility employee's car.

@ohir @filippo @mikaeleiman For the consumer market i.r.t. IoT devices, crypto is hardly relevant. Either you're a sysadmin and you've got your safeguards in place (e.g. VLAN separation) or you're legally blonde and already clicked every permission your phone asked you to. In both cases PQ is "greenwashing".
But, I do strongly agree with you this needs legislation. Because then we can tackle the whole field.