Because the common good sense says that the assurance of the ‘“old” good crypto’ is over, which is the whole point of this exercise.
When your data has a long life - only PQ part matters, otherwise it’s just whether it will be compromised even sooner. When your data is short-lived - you don’t need the PQ part, and may not care if it’s present, weak, or whatever. — Regards, Uri Secure Resilient Systems and Technologies MIT Lincoln Laboratory > On Feb 25, 2026, at 11:50, DA PIEVE Fabiana > <[email protected]> wrote: > > > This Message Is From an External Sender > This message came from outside the Laboratory. > In my personal capacity, I have to say that in all this discussion it is not > clear to me yet the main issue - the reason why we would go for a path that > is not based on a common good sense, by removing the assurance of security > given by “old” good crypto. This adds up to the fact that the cost of keeping > it is actually cheap, and to the fact that an outstanding work has been done > already to deploy hybrid ML-KEM in TLS. Hybrid ML-KEM is such a cheap way to > reduce risks. So, overall, I still cannot crystallize in my head what is the > advantage in security and costs in throwing away ECC and how to reconcile > this with what is pushed in my own part of the world. Not sure what would be > the advantage in fragmenting things now. I would like to invite all EU > researchers or anyway all those with whom I am contact to write to me to help > me increasing my understanding of the exceptional need for all this, and > eventually share their technical concerns, to see if they overlap with mine, > in case you would have time and you would be willing to do so. I thank > everybody here for the discussion. > > Fabiana Da Pieve > Program Manager > > <image001.gif> > > European Commission > DG Communications Networks, Content and Technology > Unit C4 – Emerging & Disruptive Technologies > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected]
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
