Yes, everyone should upgrade to PQ encryption now. (Re: gpg4win expired code signing cert; please renew.)

have at anonymous.sex have at anonymous.sex
Thu Oct 16 21:42:56 CEST 2025 

On Thu, 16 Oct 2025 07:36:12 -0400, "Robert J. Hansen" 
<rjh at sixdemonbag.org> wrote [internal quote is Jay Acuna]:

>Do not confuse "its keyspace and blocksize are insufficient for today's 
>needs" with "DES is not worthy of serious study".
>
>>You are making an assumption about whom quantum cryptanlysis will 
>>eventually be available to.
>
>NSA isn't expecting it'll be available to their enemies until 2055. Add 
>fifteen years to that and you're projecting out to 2070.
>
>I'm not worried.

“...to *their* enemies...”  What if NSA is an adversary in your threat 
model?  It is now a worse threat even than it was before, due to the 
2025 dictatorial self-coup in the United States.  We’ve known since 
cypherpunks that cryptography is the greatest shield of free speech— 
while on 2025-09-25, the new U.S. régime decreed that much domestic 
political opposition and dissident speech is “domestic terrorism”.

https://www.whitehouse.gov/presidential-actions/2025/09/countering-domestic-terrorism-and-organized-political-violence/

In troubled times, why not have the long-term peace of mind of a free 
upgrade of your FOSS encryption software, including GnuPG 2.5.x?

As for blindly trusting NSA advice generally, sorry but I’m not:  Anyone 
who trusts NSA recommendations that *decrease* security is, in a 
charitable presumption, uninformed about events from the Church 
Committee, to NSA’s DES keyspace weakening to the point it was 
insufficient *in the 1970s*[0], to Snowden—among other things; and...

>[...] and that leads me to grave doubts about whether to take you 
>seriously.
(<https://lists.gnupg.org/pipermail/gnupg-users/2025-October/067894.html>, 
Robert J. Hansen wrote to someone else in another context.)

[0] http://www.toad.com/des-stanford-meeting.html

Always,

have at anonymous.sex

-- 
A makeshift way to distribute my current PQ-PGP key:
https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250107/4732a382/attachment.key
01A6D81EEAD7EEEC393DEC1401F4894C154E1B8EE32E9059CA5566792A836823
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 297 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20251016/61a1a9f0/attachment.sig>

More information about the Gnupg-users mailing list