Encrypt Using Post-Quantum & Classical Schemes for ‘Cryptographic Agility’
(DarkReading.com) The author Yehuda Lindell is an acknowledged skeptic about quantum computing. Nevertheless, he recommends that the cryptography research community should be focused on post-quantum secure cryptography. The good news is that this effort has been going on for years and is ongoing. The role of this research community is to make sure that we have the cryptography we need in the decades to come, and they are taking the issue seriously. (As a side note, symmetric encryption and message authentication codes are not broken by quantum computers, to the best of our knowledge.) Second, the cryptography research community should start thinking about standardization so that businesses are ready if the quantum threat does prove real. Once again, the good news is that NIST has already begun the process.
In terms of business, Lindell suggests firms shouldn’t buy post-quantum encryption and the like before standardization is complete. What if you need to encrypt something that has to remain secret for 20 years? In my opinion, you should still hold off. However, if you are very concerned, you can encrypt using a method that combines post-quantum and classical schemes. Such a method requires an attacker to break both schemes in order to learn anything.