Hi All
An admission from Google, but they are on the PQC journey: Are you?
We do not encrypt our data with a quantum-secure algorithm right now, an attacker who is able to store current communication will be able to decrypt it in as soon as a decade. This store-now-decrypt-later attack is the main motivator behind the current adoption of post-quantum cryptography (PQC), but other future quantum computing threats also require a well-thought out plan for migrating our current, classical cryptographic algorithms to PQC.
This is the first of a series of blog posts in the Bug Hunters blog, dedicated to the topic of PQC, where we in Google's Cryptography team share our latest thoughts and reasons about the PQC migration, starting with the threat model we are working with.
https://bughunters.google.com/blog/5108747984306176/google-s-threat-model-for-post-quantum-cryptogra...
Regards
Caute_Cautim