from otters_raft@lemmy.ca to tech@programming.dev on 14 Oct 21:30
https://lemmy.ca/post/53386626
The encryption protecting communications against criminal and nation-state snooping is under threat. As private industry and governments get closer to building useful quantum computers, the algorithms protecting Bitcoin wallets, encrypted web visits, and other sensitive secrets will be useless. No one doubts the day will come, but as the now-common joke in cryptography circles observes, experts have been forecasting this cryptocalypse will arrive in the next 15 to 30 years for the past 30 years.
The uncertainty has created something of an existential dilemma: Should network architects spend the billions of dollars required to wean themselves off quantum-vulnerable algorithms now, or should they prioritize their limited security budgets fighting more immediate threats such as ransomware and espionage attacks? Given the expense and no clear deadline, it’s little wonder that less than half of all TLS connections made inside the Cloudflare network and only 18 percent of Fortune 500 networks support quantum-resistant TLS connections. It’s all but certain that many fewer organizations still are supporting quantum-ready encryption in less prominent protocols.
threaded - newest
Signal’s update is certainly a great thing, but they were not the first, eh?
For instance, here’s a Tuta blog post from March 2024:
https://tuta.com/blog/post-quantum-cryptography
Yeah wireguard has something also, as a post quantum security aid.
You have the private and public keypair, but then an addition preshared key.
I was mainly sharing it for those that are interested in the details of the changes. I agree they’re not the first, and groups have been making these changes for a few years now. Signal did another change a few years ago:
arstechnica.com/…/signal-preps-its-encryption-eng…