[Cryptography] Two physics experiment questions
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat May 23 06:11:10 EDT 2026
I was updating the slides for my talk ("Why quantum cryptanalysis is
bollocks") and there are two things I've got in there which are kind of open
questions, so I was wondering what the studio audience thought:
Firstly, the NSA has been pushing for pure PQCs (not hybrids), and several of
the five-eyes partners have followed suit with either the same or hybrids.
The two biggest targets of the NSA, namely Russia and China, don't seem to
care (Russia doesn't appear to be doing anything of note and China has been a
few months away from announcing something about PQC algorithms for about five
years now, and even then it's not government policy yet but something from the
NGCC if it ever appears). Neither of them seem to have any pressing concern
about physics-experiment-based attacks. Why, if they're the two most obvious
targets?
Secondly, Shor's algorithm is over thirty years old, dating from before when
some of the people currently working on PQC stuff were born. What triggered
the panic over the last few years?
Peter.
More information about the cryptography
mailing list