Some services are slowly developing post quantum resistant protocols for their services like Signal or Tutanota. When will this be a thing for the web?

  • Godort@lemm.ee
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    It depends if the new encryption methods are compatible with the key exchange mechanism.

    • Spotlight7573@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Considering this proposal is used for the key exchange, they definitely need to update both the client side and server side part to be able to make use of it. That’s the kind of thing that may take years but luckily it can fall back to older methods.

      It also needs to be thoroughly vetted so that’s why it’s a hybrid approach. If the quantum resistant algorithm turns out to have problems (like some others have), they’re still protected by the traditional part like they would have been, with no leaking of all the data.

      • CanadaPlus@lemmy.sdf.org
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        So how does it work? I guess they exchange keys both ways and then hash them together?

        Honestly lattice encryption has been vetted for three decades now. We still can’t say for sure P is not NP, but I’m far more worried about someone getting a quantum computer early than a sudden breakthrough on breaking either kind of algorithm.

          • CanadaPlus@lemmy.sdf.org
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Huh. I guess whatever algorithm comes next is resistant to half of the secret being compromised, then.

            Edit: It looks like they concatenate things from the two algorithms a few times in the process, so maybe they figure it would be difficult to isolate a vulnerability assuming either one is strong.

    • CanadaPlus@lemmy.sdf.org
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Key exchange works pretty much the same way as with prime/DLP-based algorithms. It’s just different math (and more data!) being used.

      Source: Math background, I know how the magic works. At least in theory.