Some services are slowly developing post quantum resistant protocols for their services like Signal or Tutanota. When will this be a thing for the web?
Some services are slowly developing post quantum resistant protocols for their services like Signal or Tutanota. When will this be a thing for the web?
Hmmm real need… we need it now, lots of traffic is being harvested now for cracking later.
Oh I fully agree. However, the people that control the purse strings in business will not take IT security seriously until something bad enough happens that it either makes the news or affects them directly.
Using a symmetric pre-shared key based VPN can help mitigate this issue. While the actual HTTPS data will still use non-PQR cryptography, Wireguard’s XChaCha20 and OpenVPN’s AES-256-CBC are considered safe against quantum computers since they don’t use asymmetric cryptography.
Of course, you still need to trust the VPN provider.
Awesome! Thats good info, thanks!
“Lots”
Citation needed
[This comment has been deleted by an automated system]
Who has an interest in cracking your https traffic to say, lemmy? If it’s a nationstate, they already have access to root private key certs and that attack angle will not be mitigated with “quantum” encryption. If it’s Capitalism, i.e. google-ads or whatever, then it’s a marginal utility issue. If they harvested some of your https traffic from 20 years ago, it’s pretty worthless as far as metadata for ad-targeting etc goes. I don’t really see what “quantum encryption” would gain you.
True it’s definitely tinfoil hat territory
I’m a nobody, and I don’t expect there’s anyone who wants to access my encrypted traffic, but someone out there is important enough to the right people that would love to get access to that kind of stuff.