Sophie Schmieg

@[email protected]
4.7K Followers
280 Following
5.4K Posts

Leading cryptography (ISE Crypto) at Google.

Opinions my own.

Content usually badly explained mathematics

professioncryptography engineer
hobbyKerbal Space Program
hobbyLego
hobbyFactory Sim Games
Sophie Schmieg8h ago
1k1d ago
OH: "Ein typisches CSU-Gesetz ist wie ein ICE 564: Es beginnt in München und endet in Karlsruhe." #eh23leaks
Sophie Schmieg15h ago

I post links about the quantum thing. That is my life now, I guess.

Anyways, here is Cloudflare following suit and setting 2029 as target date, and Scott slowing losing his mind over people being dumb on the internet.

https://blog.cloudflare.com/post-quantum-roadmap/

https://scottaaronson.blog/?p=9668

Cloudflare targets 2029 for full post-quantum security

Recent advances in quantum hardware and software have accelerated the timeline on which quantum attack might happen. Cloudflare is responding by moving our target for full post-quantum security to 2029.

The Cloudflare Blog
Sophie Schmieg1d ago
Filippo Valsorda1d ago

Two papers came out last week that suggest classical asymmetric cryptography might indeed be broken by quantum computers in just a few years.

That means we need to ship post-quantum crypto now, with the tools we have: ML-KEM and ML-DSA. I didn't think PQ auth was so urgent until recently.

https://words.filippo.io/crqc-timeline/

A Cryptography Engineer’s Perspective on Quantum Computing Timelines

The risk that cryptographically-relevant quantum computers materialize within the next few years is now high enough to be dispositive, unfortunately.

Sophie Schmieg1d ago

And the posts, they keep on coming.
I hundred percent agree with @filippo here, the question is not whether we're certain that a quantum computer exists by 2029, it's whether we're certain that one doesn't exist. And things have progressed far enough that non-physicists, or even physicists working in different subfields, can no longer reliably tell what's going on.

https://words.filippo.io/crqc-timeline/

A Cryptography Engineer’s Perspective on Quantum Computing Timelines

The risk that cryptographically-relevant quantum computers materialize within the next few years is now high enough to be dispositive, unfortunately.

Sophie Schmieg3d ago
Show threadClemens3d ago
@elizayer @sophieschmieg The CEO of Tailscale made that same point a few weeks ago on their personal blog at https://apenwarr.ca/log/20260316. This is so true, and every initiative to accelerate delivery with LLMs should really focus on these things first instead.
Every layer of review makes you 10x slower

We’ve all heard of those network effect laws: the value of a network goes up with the square of the number of members. Or the cost of commun...

Sophie Schmieg3d ago
Elizabeth Ayer3d ago

I'm a big fan of this explanation/rant from Andrew Murphy.

Taken as a whole, there are many bottlenecks in a corporate software development process. The "load-bearing" calendar is a great example!

Speeding up code creation just increases pressure on the bottleneck, which decreases throughput.

https://andrewmurphy.io/blog/if-you-thought-the-speed-of-writing-code-was-your-problem-you-have-bigger-problems

If you thought the speed of writing code was your problem - you have bigger problems | Debugging Leadership

AI coding tools are optimising the wrong thing and nobody wants to hear it. Writing code was already fast. The bottleneck is everything else: unclear requirements, review queues, terrified deploy cultures, and an org chart that needs six meetings to decide what colour the button should be.

Debugging Leadership
Sophie Schmieg5d ago

A very nice explainer why "if you're so worried about quantum computers, why haven't they factored 21 yet?" isn't a very convincing argument. Look at the labels of the graph, and how extremely close the various lines are for factoring 21 and 2048 bit numbers. Polynomial scaling remains polynomial, unfortunately, and by the time you can factor 21 you're almost ready to break RSA.

https://bas.westerbaan.name/notes/2026/04/02/factoring.html

Factoring is not a good benchmark to track Q-day

Homepage of dr. Bas Westerbaan, principal research engineer at Cloudflare, working on making the Internet post-quantum secure

Sophie Schmieg6d ago
Alex KretzschmarMar 31

Brutal.

When Microsoft acquired GitHub.

Show threadSophie SchmiegMar 31

And now also on Ars Technica:

@dangoodin

https://arstechnica.com/security/2026/03/new-quantum-computing-advances-heighten-threat-to-elliptic-curve-cryptosystems/

Quantum computers need vastly fewer resources than thought to break vital encryption

No, the sky isn't falling, but Q Day is coming, and it won't be as expensive as thought.

Ars Technica
Sophie SchmiegMar 31

Signal chat out of context.

@paulehoffman