• @Chobbes
    11 years ago

    Post-quantum cryptography is under development and is slowly being introduced in order to evaluate it / prevent store-and-decrypt-later attacks… But this is generally in more niche applications. SSH recently adopted post-quantum cryptography for key exchange, but it uses a hybrid approach with traditional cryptography in case the post-quantum stuff proves to be not as strong as we think… Signal is experimenting with post-quantum stuff as well. As far as I know, though, post-quantum cryptography hasn’t seen wide deployment, and I don’t think any of it is used with HTTPS yet (certainly not commonly, anyway).

    Depending on what you care about this could be a problem. If you just care that nobody else can authenticate as you, then yeah, once everything is moved over to post-quantum stuff you can just change all your passwords and hopefully you’ll be good… If you care that the data is private then this is a big problem, and in theory somebody could scrape all of the messages you’ve sent and the contents of everything that you’ve done on the web (probably government agencies and not normal people, but maybe this information later gets leaked to the public too). This could also be a problem for authentication: for instance, if you’ve ever logged into your bank account you’ve probably seen your routing numbers, which somebody could take and use to transfer money, in theory.

    It’s also worth noting that, as far as I know, we don’t actually know for certain that the post-quantum cryptography we’ve developed is secure. I think all we know is that it isn’t vulnerable to Shor’s algorithm, but there could be other exploits we don’t know about. This is of course also true for all of the cryptography we use today. We don’t actually know how hard factoring into prime numbers is, for instance, but these algorithms have been in use for a long time and have been under a lot of scrutiny, so we have more confidence in them.
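The hybrid key exchange the comment refers to, as an added example that is not part of the post and not OpenSSH's own code. OpenSSH's sntrup761x25519-sha512 method runs an X25519 exchange and the sntrup761 KEM and hashes the two shared secrets together with SHA-512, so the session key survives a break of either component. To stay standard-library only, the example below makes two substitutions, both labelled in the code: the classical component is finite-field Diffie-Hellman over RFC 3526 group 14 rather than X25519, and the post-quantum KEM is not implemented at all, its 32-byte shared secret being supplied by the caller as an opaque stand-in. The group prime is transcribed by hand, so the block also carries a Miller-Rabin check to catch a mistyped digit before the group is trusted.

```python
"""Hybrid key-exchange combiner (added example; stdlib only).

Pattern, as in OpenSSH's sntrup761x25519-sha512: run a classical exchange and
a post-quantum KEM, then hash the two shared secrets into one session key.
Someone who breaks only one of the two components learns nothing about the key.

Substitutions made here, not taken from OpenSSH:
  * the classical part is finite-field DH over RFC 3526 group 14, not X25519;
  * the PQ KEM (sntrup761 in OpenSSH) is NOT implemented; the 32-byte secret it
    would hand both parties is supplied by the caller as an opaque stand-in.
"""
import hashlib
import secrets

# RFC 3526 group 14: 2048-bit safe prime, generator 2.  Transcribed by hand, so
# is_probable_prime() below is used to sanity-check it before it is trusted.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2
Q = (P - 1) // 2                     # order of <G>; P is a safe prime
DH_LEN = (P.bit_length() + 7) // 8   # 256 bytes: fixed-width DH secret encoding


def is_probable_prime(n: int, rounds: int = 8) -> bool:
    """Miller-Rabin; enough to catch a mistyped digit in a transcribed group."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def dh_keypair() -> tuple:
    """Private exponent x in [2, Q-1], public value G^x mod P."""
    x = secrets.randbelow(Q - 2) + 2
    return x, pow(G, x, P)


def valid_public_value(y: int) -> bool:
    """Reject 0, 1, P-1 and anything outside the prime-order subgroup, so a
    malicious peer cannot force the classical secret into a tiny set."""
    return 2 <= y <= P - 2 and pow(y, Q, P) == 1


def dh_shared(x: int, peer_pub: int) -> bytes:
    if not valid_public_value(peer_pub):
        raise ValueError("invalid DH public value")
    return pow(peer_pub, x, P).to_bytes(DH_LEN, "big")


def hybrid_session_key(k_pq: bytes, k_classical: bytes) -> bytes:
    """Combiner: SHA-512 over (PQ secret || classical secret), OpenSSH's order.
    Both inputs have a fixed length, so the concatenation cannot be ambiguous."""
    if len(k_pq) != 32 or len(k_classical) != DH_LEN:
        raise ValueError("unexpected secret length")
    return hashlib.sha512(k_pq + k_classical).digest()


def run_exchange(k_pq: bytes) -> tuple:
    """Both sides of one exchange.  k_pq stands in for the secret a real PQ KEM
    would give both parties; it is constructed by the caller for this example."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    key_a = hybrid_session_key(k_pq, dh_shared(a_priv, b_pub))
    key_b = hybrid_session_key(k_pq, dh_shared(b_priv, a_pub))
    return key_a, key_b


if __name__ == "__main__":
    assert is_probable_prime(P) and is_probable_prime(Q), "group constant is wrong"
    key_a, key_b = run_exchange(secrets.token_bytes(32))  # stand-in PQ secret
    print("both sides agree:", key_a == key_b, "key prefix:", key_a.hex()[:32])
```

Two points the code makes that the comment only gestures at: the combiner is only as good as its inputs, so the classical side validates the peer's public value before exponentiating (otherwise an attacker could drive that half of the secret into a small subgroup), and both secrets are fixed-width so `k_pq + k_classical` cannot be parsed two ways. Swapping the stand-in PQ secret for the output of a real KEM changes nothing else in the block.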