QC resistant algorithms?
Robert J. Hansen
rjh at sixdemonbag.org
Wed Dec 16 23:21:21 CET 2015
> Long story short, there exist algorithms that are hypothesised to be
> QC-resistant, though as far as I know nothing is proven in that
The one-time pad is proven QC resistant.
With respect to hypothesis, remember that *none* of the ciphers in
OpenPGP are proven to be resistant against even classical computers, and
we won't until there's a solid proof that P != NP. QC-resistant
algorithms are in much the same state: a formal proof that an algorithm
was QC-resistant would be breathtaking and shocking, and possibly on the
level of a P != NP proof.
> Those that do exist, there's still a substantial possibility
> that they'll be broken.
Some. Others look quite solid -- e.g., Lamport signatures.
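Lamport signatures, mentioned above as one of the solid-looking candidates, rest only on the preimage resistance of a hash function. The following is an added illustration, not code from the post or from GnuPG: it assumes SHA-256 as the hash and a fresh key pair for every message, and the signer object enforces that one-time property, since a reused key leaks private-key halves to anyone who sees both signatures.

```python
import hashlib
import secrets

HASH = hashlib.sha256
N = 256  # digest bits; one pair of secrets per message bit


def keygen():
    """Private key: N pairs of random 32-byte secrets.
    Public key: the hash of each secret, in the same layout."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk


def _bit(digest: bytes, i: int) -> int:
    # Bit i of the digest, most-significant bit first.
    return (digest[i // 8] >> (7 - i % 8)) & 1


def sign(sk, message: bytes):
    """Reveal, for each digest bit, the secret from the matching half."""
    digest = HASH(message).digest()
    return [sk[i][_bit(digest, i)] for i in range(N)]


def verify(pk, message: bytes, sig) -> bool:
    """Hash each revealed secret and compare against the public key."""
    if len(sig) != N:
        return False
    digest = HASH(message).digest()
    return all(HASH(sig[i]).digest() == pk[i][_bit(digest, i)] for i in range(N))


class OneTimeSigner:
    """Wraps a key pair and refuses to sign more than once (hypothetical helper)."""

    def __init__(self):
        self.sk, self.pk = keygen()
        self.used = False

    def sign(self, message: bytes):
        if self.used:
            raise RuntimeError("Lamport key already used; generate a new one")
        self.used = True
        sig = sign(self.sk, message)
        del self.sk  # nothing left to leak after the single use
        return sig
```

Each signature reveals half of the private key, so two signatures under one key expose secrets for every bit position where the two digests differ; the signer above makes that misuse a hard error rather than a silent weakness.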