PQCrypto Usage & Deployment

Updated: May 24, 2017

Here's a list of software that incorporate PQCrypto (post-quantum cryptography), that is, cryptography resistant to attack from quantum computers.

Note on QKD: Quantum Key Distribution, an unrelated technology, is probably snake oil. It will not be discussed here.

Background information

Symmetric / secret-key cryptography

Grover's algorithm will reduce symmetric cipher security by a square root. So against a quantum computer running Grover's algorithm, AES-256 will provide a comfortable security level of 2^128. However, AES-128 will only provide a security level of 2^64, which will render it broken. (Keep in mind that attackers are storing ciphertext now for later analysis.) The following ciphers are recommended for long term security against quantum cryptanalysis:

Public-key cryptography

Signatures: SPHINCS-256

Help wanted!

See also

The following have not been recommended by the PQCRYPTO Project, but are worthy of further study and experimentation.

Key Exchange: Newhope


Timeline notes

See also this Wikipedia article for further reading.

Post-quantum crypto support coming soon!

"Powered by Post-Quantum Crypto"