by mswphd
13 days ago
These have always been an issue, and were the motivation for starting the NIST standardization in ~2016. My point is more that recent developments in quantum computing have caused many cryptographers to go from "we should do this so people are secure if progress happens in the decades from now" to "this may be a near-term issue, and we should prioritize transition for user safety issues". You can read some about this in a Cloudflare article from 2 months ago, which mentions some recent developments that have people concerned about possible "Q-day" being in ~2029-2030. This is much earlier than what was the consensus 5 years ago.

https://blog.cloudflare.com/post-quantum-roadmap/

Part of this is because of a 3rd reason to transition early, which is the "long tail" of deployments which will switch over (potentially very) slowly. Think embedded/IoT devices that are either difficult to patch, or have vendors who are not as security-focused.

More money for quantum research increases the possibility of breakthroughs, while simultaneously more money for PQC research means more practical, reliable post-quantum cryptosystems that can actually be implemented.
End result is that fairly quickly you go from "this is a problem for the fairly distant future and ECDHE is fine" to "we should implement PQ key exchange basically right now".