A security vendor called Wiz has published a state-of-PQC report this week with a line in it that should make anyone who has actually migrated anything ever in IT spit their coffee out with disgust. Can these guys get any more tone-deaf and arrogant? Session negotiation key exchange for both TLS and SSH is a … Continue reading: Wiz Declares Post-Quantum Solved! Go Home Everyone →
The original 2016 NIST post-quantum competition yielded the core we all know already: ML-KEM (Kyber) for key encapsulation, plus ML-DSA (Dilithium), SLH-DSA (SPHINCS+), and FN-DSA (Falcon) for signatures. But ML-KEM, ML-DSA and FN-DSA are all lattice-based, which means a known concentration risk. If someone finds a serious break in structured lattices, you lose your KEM and most … Continue reading: NIST Announces Third Round Post Quantum Signatures →
Newsflash! AES-128 holds up against quantum computers. Filippo Valsorda took a walk through the math last week. Ok, but we already knew that: NIST treats AES-128 as the Category 1 benchmark by definition, and BSI recommends AES-128. Outside CNSA 2.0, no compliance regime requires moving off AES-128, and CNSA 2.0’s AES-256 mandate is for uniform … Continue reading: AES-256 is the Bell Bottom Pants of Post-Quantum →
Raise your bloodied hand missing fingers if you lived through SHA-1 deprecation. What about 3DES? For those who don’t remember, Xiaoyun Wang, Yiqun Lisa Yin and Hongbo Yu published the SHA-1 collision attack in 2005. Google’s ad-revenue-funded deep bench of engineers produced a working collision in 2017. The twelve miserable years between them were filled … Continue reading: Migrate to 44 Now or Get Quantum Cracked →
A blog about the poetry of information security, since 1995.