Daniel J. Bernstein
@djb@mastodon.cr.yp.to
Designing cryptography (deployed now: X25519, Ed25519, ChaCha20, sntrup, Classic McEliece) to proactively reduce risks. Coined phrase "post-quantum" in 2003.
mastodon.cr.yp.to
Daniel J. Bernstein
@djb@mastodon.cr.yp.to
Designing cryptography (deployed now: X25519, Ed25519, ChaCha20, sntrup, Classic McEliece) to proactively reduce risks. Coined phrase "post-quantum" in 2003.
mastodon.cr.yp.to
@djb@mastodon.cr.yp.to
·
3d ago
@huitema @pedromj @paulehoffman @rsalz You're confused. The normal way to deploy post-quantum KEMs is _already_ as a second layer _on top_ of ECC. See the long list of examples at the top of https://blog.cr.yp.to/20251004-weakened.html What NSA has been trying to do is pay for IETF endorsement of a weaker alternative that removes ECC.
View full thread on mastodon.cr.yp.to
0
1
0
Conversation (1)
Showing 0 of 1 cached locally.
Syncing comments from the remote thread. 1 more reply is still loading.
Loading comments...