Dear, all,
Late to reply to some emails. I was just travelling ;)
> I am now thinking in terms of 'Post Quantum Hardened" and "Post
Quantum
> Qualified". Hardening a system so it doesn't completely break
under QCC
> is a practical near term goal. Getting to a fully qualified
system is
> going to be a root-and-canal job.
There is a notion of being 'quantum annoyant' to a quantum computer:
perhaps that might be an starting point for other schemes that do no
have a post-quantum counterpart as of right now. For others, a hybrid
approach should definitly be taken such that classical cryptography
still protects data.
I am using PQC to protect the data and Threshold-ECC to protect the data
with separation of roles.
Unfortunately, Threshold-ECC does not have a propely assesed quantum
secure version. There is some thoughts over here if interested:
https://csrc.nist.gov/CSRC/media/Events/Second-PQC-Standardization-Conference/documents/accepted-papers/cozzo-luov-paper.pdf
Thanks,
--
Sofía Celi
@claucece
Cryptographic research and implementation at many places, specially Brave.
Chair of hprc at IRTF and anti-fraud at W3C.
Reach me out at: cheren...@riseup.net
Website: https://sofiaceli.com/
3D0B D6E9 4D51 FBC2 CEF7 F004 C835 5EB9 42BF A1D6
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
