Login

Recent searches

No recent searches

Search options

Not available on writing.exchange.
writing.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
A small, intentional community for poets, authors, and every kind of writer.

Administered by:

Server stats:

334
active users

writing.exchange: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

#pqc

2 posts2 participants0 posts today
Continued thread
Public
Alexander Hansen Færøy

This is undoubtedly the most promising Post-Quantum TLS deployment situation I have seen for #Tor since we started discussing it more actively in the team. Very exciting!

I hope that OpenSSL 3.5, when released, will make it into #Debian Trixie. That would make deployment of this so much more snappy and easy for the Tor network to upgrade, but that may be dreaming. The timelines here look quite difficult for that to happen, but let's hope.

#cryptography#pqc#pqcrypto
Continued thread
Public
Alexander Hansen Færøy

Lo and behold, #OpenSSL 3.5 (their upcoming LTS release) will come out here at the beginning of April, and it does indeed support some of these hybrid PQC schemes. Their recent beta2 announcement can be read here: openssl-library.org/post/2025- and their roadmap is at openssl-library.org/roadmap/in

Very excited by this work. Big kudos to the OpenSSL Team here! 🥳🎉 Already planning on giving this a spin with the C implementation of #Tor later this week to see how it goes!

OpenSSL Library · OpenSSL 3.5 Beta Release AnnouncementThe OpenSSL Project is pleased to announce that OpenSSL 3.5 Beta1 pre-release is released and adding significant new functionality to the OpenSSL Library.
#foss#cryptography#pqc
Public
John Leonard

The NCSC’s advisory deadline of 2035 for organisations to introduce quantum-safe algorithms is too late, according to some industry insiders.

The NCSC’s advisory deadline of 2035 for organisations to introduce quantum-safe algorithms is too late, according to some industry insiders.

computing.co.uk/news/2025/secu

www.computing.co.ukNCSC’s quantum safety deadlines too optimistic say industry insiders‘I’d halve all those numbers’
#ncsc#quantum#pqc
Continued thread
Public
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕

🧵 …ja und nein und vor allem ist es Marketing durch Angstmacherei. Quantenkomputer sind noch nicht wirklich einsetzbar obwohl es viele als solches gerne vermarkten.

»Quantenschlüssel aus der Sicht des CISO:
Quantentechnologien – ein Sicherheitsrisiko oder das Mittel der Wahl gegen Cyberangriffe? Warum, für wen und wo es wichtig ist, die Integration von Quantentechnologien zu starten.«

⚛️ csoonline.com/article/3846875/

CSO OnlineQuantenschlüssel aus der Sicht des CISOQuantentechnologien: ein Sicherheitsrisiko oder das Mittel der Wahl gegen Cyberangriffe? Warum, für wen und wo es wichtig ist, die Integration von Quantentechnologien zu starten.
#quantencomputer#pqcrypto#pqc
Public
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕

»The Quantum Apocalypse Is Coming. Be Very Afraid:
What happens when quantum computers can finally crack encryption and break into the world’s best-kept secrets? It’s called Q-Day—the worst holiday maybe ever.«

Since this is very much for us, I cannot deny it, but I see it as a marketing propaganda. To scare is also a marketing strategy.

👾 wired.com/story/q-day-apocalyp

WIRED · The Quantum Apocalypse Is Coming. Be Very AfraidBy Amit Katwala
#quantumcomputing#postquantum#it
Continued thread
Public
Jan Schaumann

Out of the top 100K domains, roughly 28K negotiate a quantum safe key exchange.

Almost all of those support both x25519_kyber768 and X25519MLKEM758; only 129 sites support SecP256r1MLKEM768. There are _no_ sites that support pure #PQC via e.g., mlkem768.

The overwhelming majority of sites that support PQC do so by way of Cloudflare. That percentage matches Cloudflare's overall coverage of the top 1M domains.

Pie chart showing share of top 1M domains by hosting provider: 31.6% Cloudflare, 13.1% Amazon AWS, 2.6% Google, 2.3% unknown, 2.2% Hetzner, 2.0% OVHcloud, 2.0% Akamai, 1.4% DigitalOcean
Public
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕

🧵 …neben dem vorhin erwähnten Marketing bezüglich des Post-Quantom Kryptografie ist darauf hin auch wieder die Angsmacherei davon. Das die mal angewendet wird ist klar aber wie ist die Frage.

»Ihre Passwörter sind bald wertlos: Quantencomputer knacken alles!
Quantencomputer revolutionieren die Rechenleistung. Sie lösen hochkomplexe Aufgaben in Sekundenschnelle. Doch die Technologie birgt auch Gefahren.«

⚛️ telepolis.de/features/Ihre-Pas

heise online · Ihre Passwörter sind bald wertlos: Quantencomputer knacken alles!By Christoph Jehle
#pqcrypto#quantencomputer#pqc
Public
Andrew Scott

I have written a new white-paper for Far Phase, where I analysed the most popular Australian banking websites (18 in all) and found that **none** of them protected people from quantum threats. This is despite bank interactions being 99% via websites and apps, and banks holding some of the most sensitive, long-lived data. Yet, nearly 40% of global secure web traffic is protected from quantum threats, and even the Google search engine offers this protection. Australians would not expect that a search engine offers better post-quantum protection for their sensitive data than Australia's biggest banks. With technology enablers making this easier to implement in the next couple of months, Australian banks should urgently update their websites to protect their users.
farphase.com/white-paper-on-au
#quantum #pqc #australia #banking #cybersecurity #farphase #whitepaper

White-paper: Australian Banking Websites Are Not Ready for Post Quantum Cryptography
Public *
John Leonard

UK cybersecurity agency National Cyber Security Centre is recommending that organisations start replacing existing asymmetric public key cryptosystems with post-quantum cryptography (PQC) alternatives to defend themselves against quantum computers

computing.co.uk/news/2025/secu

www.computing.co.ukQuantum computing is coming for your cryptography, warns NCSCNo need to panic just yet, but plans to move to quantum-safe alternatives should be in place by 2028 at the latest
#technews#quantum#quantumcomputing
Public
Jan Schaumann

#OpenSSL will get the now standardized post-quantum cryptography algorithms (ML-KEM, ML-DSA, SLH-DSA) in 3.5 (planned release date is 2025-04-08):

openssl-library.org/post/2025-

This will include X25519MLKEM768, and will be enabled and preferred by default:

mailarchive.ietf.org/arch/msg/

OpenSSL Library · OpenSSL 3.5: Upcoming Release AnnouncementThe freeze date for OpenSSL 3.5 Alpha is rapidly approaching. If you have a feature on the planning page, please ensure that your associated PRs are posted, reviewed, and ready to be merged before the include/exclude decision date (Tuesday, February 11, 2025) and merged before the repository freeze date (Tuesday, February 25, 2025). Otherwise, the feature will be postponed until the next release. Important dates Feature branches include/exclude decision date: February 11, 2025 Feature branches merge: February 18, 2025 Repository freeze date: February 25, 2025 Alpha release date: March 11, 2025 Beta release date: March 25, 2025 Release date: April 8, 2025 Current highlights of the feature list planned for 3.
#pqc
Public
Jan Schaumann

Looks like Google has enabled X25519MLKEM768 for Gmail STARTTLS:
```
$ openssl s_client -groups X25519MLKEM768 -starttls smtp -connect gmail-smtp-in.l.google.com.:25
Connecting to 2607:f8b0:4004:c07::1b
CONNECTED(00000005)
[…]
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
[…]
250 SMTPUTF8
```

Neat!

#pqc
ExploreLive feeds
About