Linux Foundation Forms Post-Quantum Cryptography Alliance (sdtimes.com)
Jakub Lewkowicz reports via SD Times: The Linux Foundation has recently launched the Post-Quantum Cryptography Alliance (PQCA), a collaborative effort aimed at advancing and facilitating the adoption of post-quantum cryptography in response to the emerging threats of quantum computing. This alliance assembles diverse stakeholders, including industry leaders, researchers, and developers, focusing on creating high-assurance software implementations of standardized algorithms. The initiative is also dedicated to supporting the development and standardization of new post-quantum cryptographic methods, aligning with the U.S. National Security Agency's guidelines to ensure cryptographic security against quantum computing threats.
The PQCA endeavors to serve as a pivotal resource for organizations and open-source projects in search of production-ready libraries and packages, fostering cryptographic agility in anticipation of future quantum computing capabilities. Founding members include AWS, Cisco, Google, IBM, IntellectEU, Keyfactor, Kudelski IoT, NVIDIA, QuSecure, SandboxAQ, and the University of Waterloo. [...] [T]he PQCA plans to launch the PQ Code Package Project aimed at creating high-assurance, production-ready software implementations of upcoming post-quantum cryptography standards, beginning with the ML-KEM algorithm. By inviting organizations and individuals to participate, the PQCA is poised to play a critical role in the transition to and standardization of post-quantum cryptography, ensuring enhanced security measures in the face of advancing quantum computing technology. You can learn more about the PQCA on its website or GitHub.
Quite right (Score:2)
No one really knows how right now, but it is within the realm of possibility that RSA and other current cryptosystems will be rendered obsolete by quantum computing developments in the next few decades.
It's important to prepare other sorts of algorithms just in case.
Re: (Score:1)
>It's important to prepare other sorts of algorithms just in case.
Sure, but it isn't as if work isn't already happening on this subject; for example, NIST, Google, and Cloudflare have been working on it for years. OpenSSH supports a lattice-based key exchange (Streamlined NTRU Prime).
Maybe the alliance can hit the algorithms hard and make sure they don't have weakness before mass adoption...
Re: (Score:2)
Not really. QCs, if they ever work, cannot win an arms-race against conventional computing in this space. I am pretty much convinced the whole "post quantum" is a concerted effort to place backdoors. Well, at this time the proposals are so laughably weak that we may not get any post quantum crypto anyways.
Re: (Score:2)
Absolute poppycock.
> concerted effort to place backdoors
What? Have you thought this through just for a second? How does this even make ANY sense? Why would everyone and their grandmother then be pushing for, and deploying, PQC in *hybrid* modes with classic algorithms specifically designed such that backdoors in PQC are only useful if you can ALREADY break classic stuff? And, if they could already break classic stuff who in their right mind would push for PQC at all if they actually care about breaking c
Re: (Score:2)
You really have no clue what you are talking about. Fascinating.
Re: Quite right (Score:2)
Re: (Score:1)
Why would you think I have no clue? Like, what *actual* justification do you have to think that?
All you seem to be doing here is wallowing in your own cynicism, knee-jerk tin-foil hat BS and being an ass to people who contradict you. What you haven't done is provide a shred of evidence or data to support conspiracy claims, nor anything beyond ad hominems.
Let me give you an example of what data actually supporting an argument looks like.
Claim: Neither NIST nor the NSA nor any other US Gov org was involved in defining the schem
Re: (Score:2)
Indeed - and NIST are already on the case, having approved a handful of PQ-safe algorithms.
The thing to note here is that most workflows use a non-PQ public key algorithm to negotiate AES256 keys. The AES bit is actually PQ-safe, so "all" that needs to change is the public key bit that negotiates the keys. I believe SSH has a PQ-safe option, or at least it's in the works. Browsers need to start supporting something, and then actually a lot of the world is covered (80/20 rule, and all that).
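The "hybrid mode" point raised earlier in the thread and the "only the key-negotiation bit has to change" point in the comment above are the same design idea: keep the symmetric layer, and derive its key from a classical shared secret and a post-quantum shared secret together. The following is an added illustration of that combiner, not code from PQCA, OpenSSH or any standard; it uses only the Python standard library. The two 32-byte "shared secrets" are constructed inputs standing in for the outputs of a classical ECDH (such as X25519) and a post-quantum KEM (such as ML-KEM), no real KEM is implemented here, and the transcript bytes and the `info` label are assumptions for the example.

```python
"""Hybrid key-exchange combiner (added example, stdlib only).

Constructed assumptions: ss_classical and ss_pq are random 32-byte stand-ins
for an ECDH shared secret and a KEM decapsulation output; `transcript` is a
stand-in for the hash of the public values both sides exchanged.
"""
import hashlib
import hmac
import secrets


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 HKDF-Extract with HMAC-SHA256: PRK = HMAC(salt, IKM)."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand with HMAC-SHA256: T(i) = HMAC(PRK, T(i-1) || info || i)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def hybrid_session_key(ss_classical: bytes, ss_pq: bytes,
                       transcript: bytes, length: int = 32) -> bytes:
    """Derive one symmetric key from BOTH shared secrets, bound to the transcript.

    The two secrets are concatenated and fed to HKDF-Extract; the transcript hash
    is the salt, so the key is tied to the public values that were exchanged.
    Because both secrets are PRF inputs, an attacker who learns only one of them
    (classical broken by a quantum computer, or the PQ scheme turning out weak)
    still faces an unknown random input and cannot recompute the key.
    """
    # Fixed-length inputs only: concatenating variable-length secrets without
    # length prefixes lets two different (ss_classical, ss_pq) pairs collide.
    if len(ss_classical) != 32 or len(ss_pq) != 32:
        raise ValueError("expected two 32-byte shared secrets")
    salt = hashlib.sha256(transcript).digest()
    prk = hkdf_extract(salt, ss_classical + ss_pq)
    # The info label is an assumption for this example, not a standardized value.
    return hkdf_expand(prk, b"hybrid-kex-example v1", length)


def demo() -> dict:
    """Run the combiner under two attacker models and report whether each recovers the key."""
    transcript = b"constructed: client_ecdh_pub || server_ecdh_pub || kem_ciphertext"
    ss_classical = secrets.token_bytes(32)   # stand-in for the ECDH output
    ss_pq = secrets.token_bytes(32)          # stand-in for the KEM output
    k = hybrid_session_key(ss_classical, ss_pq, transcript)

    # Attacker 1 knows the classical secret (ECDH broken) but must guess the PQ one.
    k_attacker_classical = hybrid_session_key(ss_classical, secrets.token_bytes(32), transcript)
    # Attacker 2 knows the PQ secret (scheme backdoored/broken) but must guess the classical one.
    k_attacker_pq = hybrid_session_key(secrets.token_bytes(32), ss_pq, transcript)

    return {
        "key_hex": k.hex(),
        "recovered_with_classical_only": k_attacker_classical == k,
        "recovered_with_pq_only": k_attacker_pq == k,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Real hybrid schemes differ in the details (which hash or KDF is used, what exactly goes into the transcript, how the secrets are ordered), but they share this concatenate-then-hash structure, which is why a weakness in the PQ component alone does not hand an attacker the session key. The HKDF helpers here are the plain RFC 5869 construction and can be checked against that RFC's published test vectors.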
Seating Charts. (Score:3)
The initiative is also dedicated to supporting the development and standardization of new post-quantum cryptographic methods, aligning with the U.S. National Security Agency's guidelines to ensure cryptographic security against quantum computing threats.
Translation: Pay no attention to certain conference attendees being escorted in through the back door, because “threats”.
Enough Silliness. (Score:4, Interesting)
Can the Linux Foundation bring back the community seats, and provide independent Linux developer positions? This endless stream of alliances and foundations where all the foundation members sit in a big circle jerk congratulating themselves on keeping up with the next computing trend is starting to get silly. Really, they are spending more on blockchain than on their core product.
Let's hope they do better than NIST (Score:3)
Re: (Score:3)
SIKE was not endorsed by NIST. It was a candidate for standardization. It failed.