Daniel J. Bernstein
@djb@mastodon.cr.yp.to
Designing cryptography (deployed now: X25519, Ed25519, ChaCha20, sntrup, Classic McEliece) to proactively reduce risks. Coined phrase "post-quantum" in 2003.
mastodon.cr.yp.to
Daniel J. Bernstein
@djb@mastodon.cr.yp.to
Designing cryptography (deployed now: X25519, Ed25519, ChaCha20, sntrup, Classic McEliece) to proactively reduce risks. Coined phrase "post-quantum" in 2003.
mastodon.cr.yp.to
@djb@mastodon.cr.yp.to
·
4d ago
@huitema@social.secret-wg.org @paulehoffman@infosec.exchange @rsalz@ioc.exchange I've been tracking the arguments and counterarguments (see https://blog.cr.yp.to/20260221-structure.html for a chart) and I don't see where you're getting this "promoting" idea from. Both sides of the debate want to roll out PQ to try to stop quantum attacks. The difference is that one side says you're allowed to replace ECC with _just_ PQ, whereas the other side is requiring ECC+PQ (at negligible extra cost) to reduce the damage caused by more failures of PQ security.
View full thread on mastodon.cr.yp.to
0
1
0
Conversation (1)
Showing 0 of 1 cached locally.
Syncing comments from the remote thread. 1 more reply is still loading.
Loading comments...