Two papers came out last week that suggest classical asymmetric cryptography might indeed be broken by quantum computers in just a few years.
That means we need to ship post-quantum crypto now, with ...
@nprofile1q... I am inclined to agree with @nprofile1q... and to assume the NSA is pulling a DES stunt again [1]. Call me paranoid, but it seems like safer bet.
In your blog you mention that "hybrid key exchange is reasonably easy" but hybrid authentication is not. I am way out-of-the-loop on this, could you point me to an explanation on why hybrid authentication is hard(er)?
[1]: https://blog.cr.yp.to/20251004-weakened.html
In your blog you mention that "hybrid key exchange is reasonably easy" but hybrid authentication is not. I am way out-of-the-loop on this, could you point me to an explanation on why hybrid authentication is hard(er)?
[1]: https://blog.cr.yp.to/20251004-weakened.html
1
