#quantique #cryptographie #PQC

J'apprends le terme de Q-day, qui désigne le jour où un CRQC (Cryptographically Relevant Quantum Computer, prononcer "cric") cassera tout. Le Q-day, selon les meilleurs experts, est entre deux et cent ans dans le futur.

C'est même déjà dans Wikipédia anglophone https://en.wikipedia.org/wiki/Q-Day

The paper I co-authored (“A Critical Analysis of Deployed Use Cases for Quantum Key Distribution and Comparison with Post-Quantum Cryptography”) was accepted for publication by “EPJ Quantum Technology” today.

You can find the preprint here, Nick will eventually update it with the final changes.

In short: We looked into existing use-cases for #QuantumKeyDistribution and whether they make any sense and did so as a joint team between people with a QKD-background and cryptographers who started out very critical of QKD. (I’m firmly in the latter camp.)

My personal summary (though some of my co-authors won’t share it to this extend): #QKD is bullshit and not useful for practical purposes as it stands.

#crypto #cryptography #cryptology #postquantumcrypto #PQC

OpenSSH 10.0 just landed, now completely removing DSA signature support (you've been warned, repeatedly :-) and finite-field diffie-hellman key exchange. It also enables mlkem768x25519-sha256 as the default kex! (#pqc)

The new version string ("OpenSSH_10.0") is also likely to confuse a bunch of stupid scanners that assume anything starting with "OpenSSH_1" is a 1.x version.

https://www.openssh.com/txt/release-10.0

#OpenSSL 3.5.0 LTS release with some #PQC algorithms, server side #QUIC support and more

OpenSSL is advancing into the quantum era with the upcoming release of OpenSSL 3.5, integrating post-quantum cryptographic algorithms such as ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205). This development ensures enhanced security against emerging quantum computing threats. For an in-depth analysis, refer to the article by Prof Bill Buchanan OBE FRSE: https://medium.com/asecuritysite-when-bob-met-alice/no-excuses-openssl-enters-the-quantum-age-ad29af287273

This Venn diagram showing which PQ algorithms are permitted by which government regulatory body from Mike Ounsworth's presentation at the Real World Post-Quantum Cryptography Workshop last week.

(Mike gave a version of that talk earlier this year at the PKIC conf: https://pkic.org/events/2025/pqc-conference-austin-us/WED_BREAKOUT_1200_Mike-Ounsworth_Architecting-PKI-Hierarchies-for-Graceful-PQ-Migration.pdf)

Sicherheits-Architekt. Wenn du vormittags elliptische Kurven für die Post-Quanten-Kryptographie evaluieren darfst und nachmittags einem Projektmanager erklären musst, dass das Telefon kein sicherer Kanal ist.

Post-Quantum #DNSSEC Testbed with BIND and PowerDNS

https://pq-dnssec.dedyn.io/

Just in time for Real World PQC Workshop:

I took at a look at who currently supports #PQC. The answer will not surprise you at all.

https://www.netmeister.org/blog/pqc-use-2025-03.html

I was just ranting about #QKD in a chat with someone, when I compared quantum-resiliant cryptography with quantum key distribution like this, and noticed that I really like this summary:

If you want to go 500 meter down the street you can either take your bike or call a helicopter to your place, have it hover over your home, climb up a rope ladder, have it fly you those 500 meters and dis-rope.

"Time to be crypto* agile, not fragile." - good criticism of the IETF's slow move on post-quantum cryptography adoption. "Stop getting in the way of consensus."

https://datatracker.ietf.org/meeting/122/materials/slides-122-pquip-ietf-is-quantum-fragile-01.pdf

* "crypto" means cryptography; always has, always will

NIST selects HQC (Hamming Quasi-Cyclic -- https://pqc-hqc.org/) for standardization as the second #PQC key-encapsulation mechanism after ML-KEM.

But no rush, "the final version will be published in approximately two years".

https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/w-6RREtb7-c/m/vRjBJE3dAAAJ

https://nvlpubs.nist.gov/nistpubs/ir/2025/NIST.IR.8545.pdf

#OpenSSL will get the now standardized post-quantum cryptography algorithms (ML-KEM, ML-DSA, SLH-DSA) in 3.5 (planned release date is 2025-04-08):

https://openssl-library.org/post/2025-02-04-release-announcement-3.5/

This will include X25519MLKEM768, and will be enabled and preferred by default:

https://mailarchive.ietf.org/arch/msg/tls/g9sagkuAu8KlWpmJ30YdXbga5Xg/

At #IETF122, we will be co-organizing a side meeting on Post-Quantum DNSSEC research

Check out the agenda here:
https://wiki.ietf.org/en/group/pq-dnssec

Remote participation is possible

Scientists create world's 1st chip that can protect data in the age of #QuantumComputing attacks

https://www.livescience.com/technology/computing/scientists-create-worlds-1st-chip-that-can-protect-data-in-the-age-of-quantum-computing-attacks