Plans for Post-Quantum Cryptography in GnuPG
Robert J. Hansen
rjh at sixdemonbag.org
Mon Apr 13 04:37:16 CEST 2026
> I would like to know if there are any plans for GnuPG to support
> post-quantum cryptography schemes, specifically ML-KEM (Kyber) and
> ML-DSA (Dilithium) as these will be crucial in cryptography that is
> resistant to quantum computer attacks (a fast-growing threat).
Kyber is already present in the latest 2.5 series, which is (despite its
developmental version number) a GA release intended for all users.
There is no support at present for PQC in signing/certifying algorithms,
as the demand there seems slightly less. (And before anyone screams "how
can it be less?!", this is less in terms of user demand, and your voice
is in the minority.)
IMO, the necessary algorithms for PQC signing/certifying are not yet
ready for primetime. Dilithium is obviously the biggest component of a
signing/certifying system, but there are others, and things are still
evolving on the cryptography front. I'm sure that once things stabilize
LibrePGP will start supporting it quickly enough.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20260412/e63c4173/attachment.sig>
More information about the Gnupg-users
mailing list