I actually tinkered with https://github.com/open-quantum-safe and it’s actually quite simple to become “post-quantum” whatever. The main idea being that one “just” has to switch their cryptographic algorithm, what one uses to encrypt/decrypt a message, from whatever they are using to a quantum-resistant one (validated by NIST or whomever you trust to evaluate them) and… voilà! The only test I did was setting up Apache httpd and querying that server with Chromium and curl, all with oqs, while disabling cryptographic algorithms that were not post-quantum and I was able (I think ;) to be “safe” relative to this kind of attack.
Obviously this is assuming a lot, e.g. that there are no other flaws in the design of the application, but my point being that becoming quantum-resistant is conceptually at least quite simple.
Anyway, I find it great to demystify this kind of progress and to realize how our stack can indeed, if we do believe it’s worth it now, become resistant to more threats.
Neat.
Warning disclaimer: I’m not a cryptographer.