Quantum computers pose a grave threat to the cryptography we use today. Sure, they might not be built for another decade, but today’s secrets are nonetheless at risk: indeed, many adversaries have the capabilities to record encrypted traffic today and decrypt it later. In this talk, I give an overview of post-quantum cryptography (PQC), quantum-safe alternatives developed to alleviate this problem. I talk about the NIST PQC competition that will lead to new standards to replace RSA and ECC, I present our prototype integrations into real-life protocols and applications (such as TLS, SSH, and VPN), and our experiments on a variety of devices (from IoT, to cloud, to HSM). I discuss the Open Quantum Safe project for PQC development, and related open-source forks of OpenSSL, OpenSSH, and OpenVPN that can be used to experiment with PQC today. I'll present a demo of a post-quantum TLS 1.3 connection. Finally, I explain the practicality of PQC, and how to start experimenting with it to defend your applications and services against the looming quantum threat.
Christian Paquin ,
I’m cryptography and security engineer at Microsoft Research where I aim to bring new research innovations closer to reality. My work focuses lately on privacy-preserving identity, post-quantum cryptography, and content origin and authentication (especially surrounding the work of the C2PA in which I’m a member of the technical working group). Prior to joining Microsoft I was a crypto developer at Zero Knowledge Systems developing a TOR-precursor mixnet and the Chief Security Engineer at Credentica.