Caute_cautim
Community Champion

Is hybrid encryption the answer to post-quantum security?

Hi All

 

The concept of hybrid encryption, a combination of public-key and symmetric encryption, is receiving increased attention in the wake of the rollout of post-quantum algorithms developed through the National Institute of Standards and Technology’s (NIST) post-quantum cryptography (PQC) competition. Tech giant Google has already begun using hybrid algorithms in Chrome and some servers. However, the approach has its critics, including the National Security Agency (NSA) and the UK's Government Communications Headquarters (GCHQ), who cite increased complexity, decreased efficiency, and inconsistent structures as potential drawbacks. In contrast, national cryptographic agencies in France and Germany endorse the use of hybrid encryption.

 

https://www.csoonline.com/article/1307682/is-hybrid-encryption-the-answer-to-post-quantum-security.h...

 

Regards

 

Caute_Cautim

2 Replies
Early_Adopter
Community Champion

If you’re okay dealing with the complication then “double bagging” can make a lot of sense, particularly if you’re not sure when the dam will break… encrypt with what you know and wrap in hybrid-crypto or vice versa.

Also, if an intel agency is saying “don’t do that, might be tricky”, then it might be a good idea to think about why that might be the case.

“Mr IBM, it’s about young master Lucifer. Yes, we felt he didn’t really need to use all those bits for key size…”

Now these entities are fairly split brained in that they both eavesdrop and protect, but it’s still good to consider motivation.

Also to quote Phil Zimmermann when asked if something was too complex.

“You know, I’m pretty sure they’ve got computers…” (I’m paraphrasing, he actually said “the government.”)

Whatever the solution you/we/I choose it’s clear that everyone will need good options in the near future.
Caute_cautim
Community Champion

@Early_Adopter But make sure you have done your research, created a CBOM, and are prepared to do extensive testing and with the ability to adopt crypto agility.

 

Regards

 

Caute_Cautim