[HN Gopher] Google's threat model for post-quantum cryptography
       ___________________________________________________________________
        
       Google's threat model for post-quantum cryptography
        
       Author : yuedongze
       Score  : 45 points
       Date   : 2024-03-11 19:56 UTC (3 hours ago)
        
 (HTM) web link (bughunters.google.com)
 (TXT) w3m dump (bughunters.google.com)
        
       | rihegher wrote:
       | In short, all encrypted data transiting through the internet will
       | get decrypted once quantum computing is there. As if we didn't
       | already have enough threats to worry about...
        
       | tptacek wrote:
       | _Stateless tokens come with independent security concerns, and
       | moving towards stateful tokens is prudent just to ensure more
       | robust systems. [...] Our main recommendation is to use stateful
       | tokens where possible, given their additional security benefits._
       | 
       | This is smart. PQC schemes often add too much overhead for
       | interoperable cookie sizes. Instead of trying to cram a PQC
       | signature into a cookie, just stop using the stateless cookie
       | designs that require asymmetric signatures.
       | 
       | I'm not sure I buy the Global Risk Institute chart. I get that
       | they need to motivate adoption, but practical cryptanalytic work
       | with quantum computers seems unpromising right now.
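
The size argument in the comment above, worked through as an added example (not code from the thread or from Google's post). The signature sizes are the FIPS 204 / Ed25519 values and the 4096-byte budget is the per-cookie minimum from RFC 6265; the 36-byte header, 200-byte claims, and the names `stateless_token_len` and `SessionStore` are assumptions made for illustration.

```python
import hashlib
import secrets
import time

SIG_BYTES = {"Ed25519": 64, "ML-DSA-44": 2420, "ML-DSA-65": 3309}
COOKIE_BUDGET = 4096  # bytes per cookie that user agents should support (RFC 6265)

def stateless_token_len(claims_len, sig_len, header_len=36):
    """Length of a JWT-style token: b64url(header).b64url(claims).b64url(sig)."""
    b64 = lambda n: (4 * n + 2) // 3  # unpadded base64url length of n bytes
    return b64(header_len) + 1 + b64(claims_len) + 1 + b64(sig_len)

class SessionStore:
    """Stateful token: the cookie is an opaque random ID, claims stay server-side."""

    def __init__(self, ttl=3600):
        self._rows = {}  # sha256(token) -> (user, expires_at)
        self._ttl = ttl

    @staticmethod
    def _key(token):
        # Store only a hash so a leaked table does not yield usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # 256 random bits, 43 characters
        self._rows[self._key(token)] = (user, now + self._ttl)
        return token

    def lookup(self, token, now=None):
        now = time.time() if now is None else now
        row = self._rows.get(self._key(token))
        if row is None or row[1] <= now:
            return None  # unknown, revoked, or expired
        return row[0]

    def revoke(self, token):
        # Revocation is a server-side delete; no signature is involved at all.
        self._rows.pop(self._key(token), None)

if __name__ == "__main__":
    for alg, sig in SIG_BYTES.items():
        n = stateless_token_len(200, sig)  # constructed 200-byte claims set
        print(f"{alg:10} stateless token {n:5} bytes, fits cookie: {n <= COOKIE_BUDGET}")
    store = SessionStore()
    print("stateful token", len(store.issue("alice")), "bytes")
```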
        
       | dvh wrote:
       | This may be a naive question but why not go back to Vernam?
       | Storage is cheap.
        
       ___________________________________________________________________
       (page generated 2024-03-11 23:00 UTC)