And let me add another. https://blog.cloudflare.com/you-dont-need-quantum-hardware/
On Mon, Mar 23, 2026 at 5:42 PM Sophie Schmieg <sschmieg= [email protected]> wrote: > In case you also want an industry perspective, on top of the perspective > of NSA, GCHQ, BSI, every other European cybersecurity agency, and probably > many others I'm forgetting saying that QKD is not a deployable solution, > and does not appear to be a deployable solution any time soon, here is > Google's blog post on this topic: > > > https://bughunters.google.com/blog/googles-commitment-to-a-quantum-safe-future-why-pqc-is-googles-path-forward-and-not-qkd > > On Mon, Mar 23, 2026 at 9:21 AM John Mattsson <john.mattsson= > [email protected]> wrote: > >> Code-based and hash-based cryptography are from the 70-ties. QKD might >> have deployments, but it is not at all mature as a practical security >> technology, marketing is mostly snake-oil, current deployment are >> practically insecure, and both vendors and users of QKD have very little >> understanding of security. Many statements from QKD vendors and users are >> truly horrendous. Any company claiming that QKD is practical is a major >> red flag, indicating either a lack of understanding of security or a >> disregard for it. >> >> Anybody that have invested in QKD should see it as a sunk cost. >> >> >It also, unlike PQC algorithms, has a (physical) proof that if it >> succeeds then the information exchanged is indeed private. >> >> No, protection against MITMs is based purely on classical (non-quantum) >> cryptography. >> >> Cheers, >> John Preuß Mattson >> >> *From: *Yaakov Stein <[email protected]> >> *Date: *Monday, 23 March 2026 at 17:06 >> *To: *Salz, Rich <[email protected]>, Andrei Popov >> <[email protected]> >> *Cc: *[email protected] <[email protected]> >> *Subject: *[TLS] Re: LS on the work item related to QKD and TLS >> integration framework in SG13 >> >> >> >> >> >> *From:* Salz, Rich <[email protected]> >> *Sent:* Monday, March 23, 2026 2:31 PM >> *To:* Andrei Popov <[email protected]> >> *Cc:* [email protected] >> *Subject:* [TLS] Re: LS on the work item related to QKD and TLS >> integration framework in SG13 >> >> >> >> It can be as simple as >> >> The TLS working group feels that QKD is still too premature to be a >> secure solution to any problem. We note that other organizations also feel >> this way [refs to UKNCSC, NSA if needed]. We are unlikely to do any work in >> this area now. We suggest that you look at the QCRG, in our related >> organization the IRTF, which has active QKD discussions. >> >> >> >> WHAT???? >> >> >> >> QKD is a much more mature technology than PQC, dating back to 1984. >> >> (I used QKD in the 1990s). >> >> There are multiple vendors with significant sales – >> >> the market size exceeded $600M in 2025 with a CAGR of 30%. >> >> It also, unlike PQC algorithms, has a (physical) proof that if it >> succeeds then the information exchanged is indeed private. >> >> >> >> Sure, QKD can be expensive, may be limited in range, doesn’t presently do >> DSA, >> >> and (despite the proof) there are implementation and timing attacks, >> >> but saying that it is “premature” may be “simple”, but is certainly >> incorrect. >> >> >> >> Y(J)S >> >> >> >> >> This message is intended only for the designated recipient(s). It may >> contain confidential or proprietary information. If you are not the >> designated recipient, you may not review, copy or distribute this message. >> If you have mistakenly received this message, please notify the sender by a >> reply e-mail and delete this message. Thank you. >> _______________________________________________ >> TLS mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> > > > -- > > Sophie Schmieg | Information Security Engineer | ISE Crypto | > [email protected] > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
