Quantum computers pose a grave threat to the cryptography we use today. Sure, they might not be built for another decade, but today’s secrets are nonetheless at risk: many adversaries have the capability to record encrypted traffic today and decrypt it later. In this talk, I give an overview of post-quantum cryptography (PQC), the quantum-safe alternatives developed to alleviate this problem. I talk about the NIST PQC competition that will lead to new standards to replace RSA and ECC, and I present our prototype integrations into real-life protocols and applications (such as TLS, SSH, and VPN) and our experiments on a variety of devices (from IoT, to cloud, to HSM). I discuss the Open Quantum Safe project for PQC development, and related open-source forks of OpenSSL, OpenSSH, and OpenVPN that can be used to experiment with PQC today. I'll present a demo of a post-quantum TLS 1.3 connection. Finally, I explain the practicality of PQC, and how to start experimenting with it to defend your applications and services against the looming quantum threat.
Christian Paquin, Principal Research Software Engineer, Microsoft Research
Christian is a security specialist in the Microsoft Research Cryptography team with a mission to bridge the gap between academic research and real-world systems. With 25 years of experience, Christian has been involved in many industry-wide initiatives such as the development of privacy-enhancing identity technologies (such as anonymous credentials), the ongoing post-quantum cryptographic migration, and the Coalition for Content Provenance and Authenticity (C2PA) to fight online disinformation. Christian shares some of his work results on his blog: https://christianpaquin.github.io