0

I'm currently using GnuPG (RSA 4096), Encryption-based DLP, SSL, SSL-VPN, Password Manager
and other apps considered insecure by the IBM research team, who favor Lattice encryption over the standard asymmetric method.

What are the options of the community to future-proof our redundant and big data stored
digital assets and communication?

UPDATE: The goal of this question page is to provide practical answers if and when the community will be able to provide them.
As of today I'm not aware of any real-world applications that provide quantum-resilient data protection.

IBM Announcement on ZDNet

a_at_cyber_dot_training
  • 113
  • 3
  • 1
    you'll be fine. – hft Jan 26 '19 at 05:57
  • 2
    The question is kind of broad. There is no general answer for all kinds of cryptography (long-term vs. short-term like in TLS, encryption vs. signatures, desktop vs embedded, ...). And for many use cases there is no good and proven algorithm yet. Possible duplicate of [What kinds of encryption are \_not\_ breakable via Quantum Computers?](https://security.stackexchange.com/questions/48022), [Is there readily available encryption algorithms for current computers, that is safe from quantum computers](https://security.stackexchange.com/questions/121946). – Steffen Ullrich Jan 26 '19 at 08:24
  • Your question boils down to: "how can we provide certainty in an undefined future with undefined risks when what we are certain about is in question?" I'm not sure that's answerable without a lot of speculation and opinion. – schroeder Jan 26 '19 at 14:36
  • Note that there is a NIST standardization / competition going on [here](https://csrc.nist.gov/projects/post-quantum-cryptography) to select schemes for Post Quantum Cryptography or PQC. There are various libraries that already offer such schemes. I suspect that major standards like TLS and OpenPGP will be upgraded to support PQC *after* this process has finished, with the implementations being developed in parallel (if the devs are smart) or slightly behind (if the devs think that protocols are good without testing them). – Maarten Bodewes Feb 12 '19 at 01:10

0 Answers0