“The problem in a nutshell. Surveillance agency NSA and its [UK counterpart] GCHQ are trying to have standards-development organizations endorse weakening [pre-quantum] ECC+PQ down to just PQ.”
Part of this is that NSA and GCHQ have been endlessly repeating arguments that this weakening is a good thing… I’m instead looking at how easy it is for NSA to simply spend money to corrupt the standardization process… The massive U.S. military budget now publicly requires cryptographic “components” to have NSA approval… In June 2024, NSA’s William Layton wrote that “we do not anticipate supporting hybrid in national security systems”…
[Later a Cisco employee wrote of selling non-hybrid cryptography to a significant customer, “that’s what they’re willing to buy. Hence, Cisco will implement it”.]
What do you do with your control over the U.S. military budget? That’s another opportunity to “shape the worldwide commercial cryptography marketplace”. You can tell people that you won’t authorize purchasing double encryption. You can even follow through on having the military publicly purchase single encryption. Meanwhile you quietly spend a negligible amount of money on an independent encryption layer to protect the data that you care about, so you’re actually using double encryption.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 113 users / day
- 519 users / week
- 1.44K users / month
- 4.49K users / 6 months
- 1 subscriber
- 4.3K Posts
- 109K Comments
- Modlog
Well I haven’t see the arguement for why Quantum resistent encryption would somehow be weaker to traditional cryptographic techniques. I understand that early “quantum encryption” alogrithms were flawed, and it’ll probably be a long time before we get the DES of Quantum Encryption. But all that means is that we don’t have vetted “strong” quantum encryption techniques yet, and should stick with traditional encryption since quantum encryption isn’t worth it yet. If Quantum encryption becomes worthwhile, we shouldn’t have “traditional encryption”, because it will be obsolete.
If the first cylinder lock was easily bypassed compared to my old reliable wafer lock, then why should I use the cylinder lock at all? Now that cylinder locks are better then wafer locks why should I use a tumbler lock at all? There is no added security by using a wafer lock.
Quantum computers represent a complete paradigmatic. Modern quantum computers beat classical ones on some problems, while still not being able to factor some 2 digit numbers.
A single algorithm would be probable arrive some day, but why risk it right now? The Signal protocol adopted Post-Quantum some years ago. They going for a hybrid, not well tested over several years against classical computers, algorithm, would have been a security disaster.