New work on improving SQIsign using two dimensional isogenies. A post-quantum signature scheme with compact public keys, signatures and the fastest verification of isogeny-based protocols so far.

eprint.iacr.org/2024/760

I saw an another update by Dustin Moody today. No big news:
- Final FIPS 203,204,205 still 'this summer.'
- Round 4 will also end in the fall (code-based KEM selection.)
- Signature on-ramp Round 2 selection will be ~15 of the 40 submissions, in a 'month or two' (not on slides.)

Since the release of Chrome 124 on April 17, we've been tracking post-quantum encrypted requests as a share of Cloudflare global HTTPS request traffic. Now you can too, in the new Post-Quantum Encryption Adoption graph in the Adoption & Usage section of CloudflareRadar.

Excited to share two new threshold encryption schemes.

More details here: hackmd.io/@guruvamsi-pol…

1. Silent Threshold Encryption (CRYPTO 2024 - ia.cr/2024/263): The first scheme to completely avoid interactive setup without using iO/WE.

Halfway through the return journey and I have something concrete to say about it: sam-jaques.appspot.com/static/files/5…

I didn't make it past step 4, but I tried to give some intuition on complex gaussians and Karst waves

(ICYMI others discovered a critical flaw; see the updated eprint)

Tracking down some TIMECOP alerts led to a 2021 gcc patch from ARM (gcc.gnu.org/git/?p=gcc.git…) turning (-x)>>31 into a bool, often breaking constant-time code. Can often work around with (-x)>>30, and asm is safer anyway, but for portable fallbacks we need security-aware compilers.

The rollout of Chrome 124 started yesterday, April 17, and it includes post-quantum key exchange enabled by default on desktop platforms.

With that rollout, post-quantum encrypted requests have grown to over 5% of Cloudflare global TLS 1.3 request traffic.

📈

I have been trying to make sense of the recent proposed quantum algorithm for Learning-With-Errors, and what it means in practice.

To do so I have created a document where I put my thoughts. Some may disagree with these thoughts, some may agree....

nigelsmart.github.io/LWE.html

Now up: How to manage a quantum computing emergency.

The industry is hard at work to transition our protocols to algorithms which would be safe if a cryptographically relevant quantum computer were developed. But what if we don't make it in time?

educatedguesswork.org/posts/pq-emerg…