Hacker News new | past | comments | ask | show | jobs | submit login

> But in any case, there’s already a push to switch to new cryptographic codes that already exist and that we think are quantum-resistant.

Hopefully this will happen soon. I don't know of any quantum-resistant ciphers though.

> I don't know of any quantum-resistant ciphers though.

Almost all widely used symmetric cryptography is more or less quantum resistant already.

Hash based signatures are the obvious quantum resistant signature, except where their size precludes them-- ( https://sphincs.org/ for a good example).

For key agreement and asymmetric encryption the story is more complicated. Classical error correcting code based cryptography has a lot of reasons to feel positive about it security, but the public keys are large enough to make them inapplicable to many applications. ( https://classic.mceliece.org/ for a good example )

For communications efficient key agreement or various zero-knowledge proofs other than signatures the field is much more complicated and the trade-offs less clear. There are a bunch of candidates in the NIST PQ contest, from several different distinct classes of hard problem. ( https://csrc.nist.gov/Projects/Post-Quantum-Cryptography )

> I don't know of any quantum-resistant ciphers though.

If you know them is however quite irrelevant.

But if you want to enlighten yourself: https://www.nist.gov/news-events/news/2019/01/nist-reveals-2...

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact