How Quantum Computers are gonna screw us
-
Peertube version: https://tube.blahaj.zone/w/putah3KxfymBBHtx8uXqBE
-
So much fear mongering and incorrect statements... and I'm only 3 minutes in. I can't...
Nearly all encryption mechanisms currently in use on the modern internet are quantum resistant. Breaking RSA-2048 would require millions of stable, error-corrected qubits. I believe the biggest systems right now are at 500 bits at most.
The NIST Post-Quantum Cryptography project has finalized new quantum-resistant algorithms like CRYSTALS-Kyber and Dilithium. These will replace RSA and ECC long before practical quantum attacks exist. Migration has already started.
Symmetric cryptography is mostly safe. Algorithms like AES, SHA-2, SHA-3, and similar remain secure against quantum attacks. Grover's algorithm can halve their effective key strength. Example: AES-256 becomes as secure as AES-128 against a quantum attacker. To crack an AES-128 hash with current efficiency you need ~88 TW of power... Even if we make it 10 or 100x more efficient over time... It's too expensive. We don't have the resources to power anything big enough to crack AES-128... The biggest nuclear reactor (Taishan) only puts out a mere 1,660 MWe...
It's not happening in our lifetimes, and probably not at all until we start harvesting stars.
Edit: Several typos.
Edit 2: For the AES-256 example that gets reduced to AES-128: it would take implementing efficiencies that reduce power usage by 1000x (there are a few methods that might get worked out in our lifetimes... let's just take them as functional right now). Then you'd need 55 of the biggest nuclear reactors we have on the planet... Then you wait a year for the computer to finish the compute. That decrypts one key.
Weaker keys might be a problem. Sure. But by the time we're there... it won't matter. For things like Signal, Matrix, or anything else that's actively developed... Someone might store the conversation in some massive datacenter out there... And might decrypt it 200 years from now. That's your "risk"... Long after everyone reading this message is dead.
Edit 3: Because I hadn't looked at it in a few months... I decided to check in on Let's Encrypt's (LE) "answer" to it, since that's what most people here are probably interested in and using. First... remember that Let's Encrypt rotates keys every 90 days. So for your domain, there are 4 keys a year to crack at a minimum. Except that ACME services like to register near the halfway point... So more realistically 8 keys a year to decrypt a year's worth of data. But it turns out that browsers already have the PQC projects done... And many certificate registrars already support it as well. OpenSSL also supports it from 3.5.0+...
Roadmap Request: Post Quantum Cryptography
NIST has made progress in Post Quantum Cryptography since discussed here: Cloudflare has a TLS hybrid implementation!: https://pq.cloudflareresearch.com A recent Cloudflare blog post: A look at the latest post-quantum…
Let's Encrypt Community Support (community.letsencrypt.org)
PQC support
Consider information about post-quantum cryptography at Cloudflare - deployed key agreements and software support.
Cloudflare Docs (developers.cloudflare.com)
Apparently LE is even moving to MUCH shorter certs... https://letsencrypt.org/2025/02/20/first-short-lived-cert-issued 6 days... So a new key every half-week (remember ACME clients want to renew about halfway through the cycle)... or ~100 keys a year to break. Even TODAY, you're not going to need to worry about "weak" encryption for decades. It will take time for the quantum resources to become available... it will take time to go through the backlog of keys that they are interested in decrypting EVEN IF they're storing 100% of data somewhere. You WILL be long dead before they can even have the opportunity to care about you and your data... The "200 years from now" reference above... is assuming that humans can literally harvest suns for power and break really, really big problems in the quantum field. It's really going to be on the order of millennia if not longer before your message to your mom from last year gets decrypted. LE doesn't have PQC on the roadmap quite yet... Probably because they understand there's still some time before it even matters and they want to wait a bit until the cryptography around the new mechanisms is more hashed out.
Edit 4: At this point I feel that this post needs a TL;DR...
If you're scared... rotate keys regularly; the more you rotate, the more keys will have to be broken to get the whole picture... ACME services (Let's Encrypt) already do this. You'll be fine with current-day technology long after (probably millennia after) you're dead. No secret you're hiding will matter 1000 years from now.
Edit 5: Fuck... I need to stop thinking about this... but I just want to point out one more thing... It's actually likely that in the next 100 years (let alone 1000s of years) a few bits will rot in your data on their cluster that they're storing. So even IF they manage to store it... and manage to get a cluster big enough that either takes so little power that they can finally power it... or get a power source that can rival literal suns. A few bits flipped here and there will happen... Your messages and data will start to scramble over time just by the very nature of... well... nature... Every solar flare. Every gravitational anomaly. Every transmission from space or gamma particle... has a chance to OOPS a 0 into a 1 or vice versa. Think of every case you've heard of Amazon or Facebook accidentally breaking BGP for their whole service and being down for hours... Over the course of 100 years... your data will likely just die, or get lost, be forgotten, get broken, etc... The longer it takes for them to figure this out (and science is NOT on their side on this matter) the less likely they even have a chance to recover anything, let alone decrypt it in a timely manner to resolve anything in our lifetimes.
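The comment above says browsers and Cloudflare already run hybrid post-quantum key agreement in TLS. A defender can verify that claim on a captured TLS ClientHello by parsing its supported_groups extension and flagging the ML-KEM hybrid groups. This is an added example, not code from the thread, Let's Encrypt or Cloudflare; the hybrid group code points are taken from the IETF ECDHE-MLKEM draft and the earlier Kyber draft (assumed, not stated in the thread), and the ClientHello bytes are constructed here for the demonstration.

```python
import struct

# TLS supported_groups code points. The hybrid PQ values are assumptions taken
# from draft-ietf-tls-ecdhe-mlkem and the earlier Kyber draft, not from the thread.
GROUP_NAMES = {
    0x0017: "secp256r1",
    0x0018: "secp384r1",
    0x001D: "x25519",
    0x6399: "X25519Kyber768Draft00",  # pre-standard hybrid
    0x11EB: "SecP256r1MLKEM768",
    0x11EC: "X25519MLKEM768",
    0x11ED: "SecP384r1MLKEM1024",
}
PQ_HYBRID_GROUPS = {0x6399, 0x11EB, 0x11EC, 0x11ED}
SUPPORTED_GROUPS_EXT = 0x000A


def build_client_hello(groups):
    """Build a minimal TLS ClientHello handshake message (constructed test data)."""
    body = b"\x03\x03" + bytes(32)  # legacy_version + 32 bytes of (zeroed) random
    body += b"\x00"  # empty legacy_session_id
    body += b"\x00\x02\x13\x01"  # one cipher suite: TLS_AES_128_GCM_SHA256
    body += b"\x01\x00"  # compression methods: null only
    groups_data = b"".join(struct.pack(">H", g) for g in groups)
    ext_body = struct.pack(">H", len(groups_data)) + groups_data
    ext = struct.pack(">HH", SUPPORTED_GROUPS_EXT, len(ext_body)) + ext_body
    body += struct.pack(">H", len(ext)) + ext
    return b"\x01" + len(body).to_bytes(3, "big") + body  # type 1 + 24-bit length


def offered_groups(client_hello):
    """Walk a ClientHello and return the supported_groups code points, in order."""
    if client_hello[0] != 1:
        raise ValueError("not a ClientHello handshake message")
    pos = 4 + 2 + 32  # handshake header, legacy_version, random
    pos += 1 + client_hello[pos]  # legacy_session_id
    pos += 2 + struct.unpack(">H", client_hello[pos:pos + 2])[0]  # cipher_suites
    pos += 1 + client_hello[pos]  # compression_methods
    end = pos + 2 + struct.unpack(">H", client_hello[pos:pos + 2])[0]
    pos += 2
    while pos < end:
        ext_type, length = struct.unpack(">HH", client_hello[pos:pos + 4])
        pos += 4
        if ext_type == SUPPORTED_GROUPS_EXT:
            n = struct.unpack(">H", client_hello[pos:pos + 2])[0]
            data = client_hello[pos + 2:pos + 2 + n]
            return [struct.unpack(">H", data[i:i + 2])[0] for i in range(0, n, 2)]
        pos += length
    return []


def pq_hybrid_offered(client_hello):
    """True if the client offers at least one hybrid PQ key agreement group."""
    return any(g in PQ_HYBRID_GROUPS for g in offered_groups(client_hello))


if __name__ == "__main__":
    for label, hello in (("modern", build_client_hello([0x11EC, 0x001D, 0x0017])),
                         ("legacy", build_client_hello([0x001D, 0x0017, 0x0018]))):
        names = [GROUP_NAMES.get(g, hex(g)) for g in offered_groups(hello)]
        print(f"{label}: {names} -> PQ hybrid offered: {pq_hybrid_offered(hello)}")
```

On real traffic, feed offered_groups the ClientHello handshake message (after the 5-byte record header) extracted from a capture; a client that never offers a hybrid group is still relying on classical key exchange alone.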
-
Yea this is a trend with Lemmy and other left-leaning spaces. Seems to be a push to convince the left to reject technology in so many new areas. It's crazy to watch the left go from early adopters and being on the bleeding edge of things then shift to modern Luddites.
-
It's also the only post of this account...
Edit: sorry only checked posts, there are multiple comments
-
At the time of my reply this post has only 14% upvotes on this left-leaning social space. So, no, I don't think "the left" are modern Luddites. Unless of course you are an AI-bro or a crypto-bro (a nearly perfect circle Venn diagram), in which case yeah, I can imagine you'd think that.
-
I believe the biggest systems right now are at 500 bits at most.
Why this is an issue: add one more to the chain of entangled qubits and the whole chain is twice as likely to collapse.