← Back to Topics

Post-Quantum Cryptography

The cluster discusses post-quantum cryptography, including its development, NIST standardization efforts, quantum-resistant algorithms like lattice-based schemes, and the urgency of transitioning from current encryption vulnerable to quantum computers.

➡️ Stable 0.7x Security
2,082
Comments
19
Years Active
5
Top Authors
#7931
Topic ID

Activity Over Time

2008
1
2009
11
2010
10
2011
12
2012
38
2013
54
2014
32
2015
56
2016
125
2017
141
2018
146
2019
134
2020
69
2021
168
2022
220
2023
208
2024
347
2025
305
2026
7

Top Contributors

tptacek (86) hannob (37) chasil (20) api (17) bawolff (17)

Keywords

US SCMP ECDSA QC ieee.org eprint.iacr RSA DES googleblog.com FHE quantum cryptography encryption quantum computing resistant quantum computers rsa algorithms post schemes

Sample Comments

_Microft Jul 11, 2022 View on HN

Post-quantum cryptography is a thing:https://en.wikipedia.org/wiki/Post-quantum_cryptography

hannob Mar 23, 2021 View on HN

Yes and kinda yes.There's a standardization process going on for post quantum cryptography at the US NIST. Results expected before the almighty RSA-breaking quantum computer arrives.There's still a concern about store-and-encrypt-later (i.e. someone can store encrypted communication today and decrypt it once a QC is available), and how relevant that is depends on some unknowns (how many years to you expect your comms to be secret? how many years till a usable QC is available?).

xg15 Mar 25, 2024 View on HN

"Post-Quantum" crypto is already being rolled out in expectation of that though.

sctb Jul 9, 2016 View on HN

Recent discussion about post-quantum cryptography at Google: https://news.ycombinator.com/item?id=12050220

onethought Dec 12, 2020 View on HN

We could use quantum resistant cryptography if this is an actual concern.

api Jul 25, 2020 View on HN

It's entirely possible that QC will arrive but will be more of a special purpose accelerator for certain algorithms (think of the way custom ASICs can accelerate specific operations) rather than a general purpose thing. Some form of general purpose QC may happen eventually but that might take quite a bit longer, and it may take longer still for it to be commonplace.In the meantime there will be a strong need for classically computable cryptographic algorithms that are strong against atta

sterlind Nov 8, 2020 View on HN

I think it depends. Imagine a future where quantum computers may be in reach by intelligence agencies, but a quantum-resistant public key encryption algorithm has been proposed but not rigorously defended. You wouldn't want to trust either algorithm alone, so you can use both: encrypt the data with the quantum algorithm first, then by the classical one. Decrypting would require breaking both, there's no shortcuts.

beisner Mar 28, 2023 View on HN

There are quantum-resistant encryption schemes.See: https://en.wikipedia.org/wiki/Post-quantum_cryptography

jwilk Nov 10, 2017 View on HN

Non-mobile link:https://en.wikipedia.org/wiki/Post-quantum_cryptography

activatedgeek Mar 25, 2017 View on HN

Ok it looks like this article has some good starting points. https://en.wikipedia.org/wiki/Post-quantum_cryptography