Significant advances in quantum computing capabilities would spell the end of the public key infrastructure as we know it. Shor's algorithm, a quantum algorithm for efficiently solving the discrete logarithm problem, means that computational problems whose hardness is the foundation of public key crypto are easy to solve on a quantum computer.
All is not lost for asymmetric cryptography. Quantum key distribution (QKD) allows the establishment of a shared secret key under the sole assumption of an authenticated channel. Post-quantum cryptography looks instead to replace the hardness assumptions on which public-key cryptosystems are built.
This talk will review the computational assumptions relied upon by traditional cryptography and why they fail with the coming of the quantum computer. We will review proposed alternatives that are part of NIST's post-quantum cryptography standardization effort.