> PQ algos are currently not strong > enough to stand on their own against classical attacks. Cloudflare’s > experience with SIKE is evidence of this; the fact that they used a > hybrid protocol is what protected them and their customers. I think it > is irresponsible at this time to push for PQ alone, compared to hybrids > that give the full protection currently afforded by ECC.
Lattices and Lattice-based cryptography have been studied for several decades now. I have full confidence in the NIST winners. Most of the weak algorithms were discarded by the PQC competition early on, one (SIKE) lasted longer — but still fell off. It merely proves that NIST PQC process worked as expected. Note that if those Cloudflare’s customers really had data that required protection beyond CRQC time (which I’m sure they didn’t, but) — they’d be hosed now no matter what.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
