63
GitHub introduces hybrid post-quantum SSH security to better protect Git data in transit
(alternativeto.net)
this post was submitted on 16 Sep 2025
63 points (95.7% liked)
Technology
75191 readers
2791 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
AFAIK quantum computing's only demonstrations of being able to break encryption using Shore's algorithm was in a toy problem where they already knew the answer and it was like 5 bits long and satisfied a particularly easy pattern. I'll be impressed when it can break 192-bit encryption with proper entropy.
The threat model is that all communication is recorded and will be decrypted once the technology becomes available. The question then becomes for how long you want your data to be secure. If its for example 40 years, you need to chose an algorithm today that is still secure in 40 years.
Would you like to know more?: https://en.wikipedia.org/wiki/Harvest_now,_decrypt_later
NIST says 2035 should be the target date for organizations to get to something quantum resistant. The talk I saw at DefCon this year laid out a very convincing argument that due to advancements in the implementation of Shorr's, as well as one other algorithm, that's not an aggressive enough target and we should really be shooting for 2030. Apparently IBM has never missed a target date, and they're looking at having enough logical Qubits by 2032 or so.
If you haven't already switched to more secure algorithms you'll be impressed and also penniless when it can break 192-bit encryption with proper entropy.
I believe quantum computers are only going to really threaten asymmetric encryption, like the one used in SSH keys. Things like RSA, DSA, and ECDSA, as well as Diffie-Hellman key exchanges are potentially weak to future quantum computers brute forcing those integers.
Symmetrical encryption should hold up much better against quantum. An algorithm like AES or ChaCha20 should be fine with a bit key length of 256 or higher.
Or just move to the post-quantum algorithms to be safe.
Meh. I think quantum computers are technological hocuspocus that is used as justification for companies like D-Wave to generate billions of dollars for a few financial executives. The science is real. The engineering is real. The technology is a toy and its uses are extraordinarily limited and out-competed by normal computers.
Can it optimally solve the travelling salesman problem? Sure. With many thousands of bits. Can a classical computer with a fancy algorithm get close enough for practical use cases? Yes. With today's technology and enough power to run an old lightbulb.
You're right. Only thing is that this is currently being worked on by multiple nation states as well, as these theories do have a military advantage. There will be money and resources pouring into this field for decades.
Even if it takes another 3 or 4 decades, the goal posts are planted, and I think Q-Day will eventually happen. Of course, im just assuming and can't know the future. For now, it is a toy as you have said.