A Cryptography Engineer's Perspective on Quantum Computing Timelines
by thadt on 4/6/2026, 3:31:20 PM
https://words.filippo.io/crqc-timeline/
Comments
by: tux3
This is a good take, there's really not much to argue about.<p>>[...] the availability of HPKE hybrid recipients, which blocked on the CFRG, which took almost two years to select a stable label string for X-Wing (January 2024) with ML-KEM (August 2024), despite making precisely no changes to the designs. The IETF should have an internal post-mortem on this, but I doubt we’ll see one<p>My kingdom for a standards body that discusses and resolves process issues.
4/6/2026, 5:02:58 PM
by: munrocket
Yes, this is why I invested in QRL crypto. With lates updates and no T1 exchange it looks like a good opportunity to grow.
4/6/2026, 5:39:39 PM
by: Sparkyte
There is always a price to encryption. The cost goes up the more you have to cater to different and older encryptions while supporting the latest.
4/6/2026, 5:38:53 PM
by: OhMeadhbh
In rebuttal, Peter Gutmann seems to think the progress towards quantum computing devices which can break commonly used public key crypto systems is not moving especially quickly: <a href="https://eprint.iacr.org/2025/1237" rel="nofollow">https://eprint.iacr.org/2025/1237</a>
4/6/2026, 5:29:51 PM
by: pdhborges
What do you recomend as reading material for someone that was in college a while ago (before AE modes got popular) to get up to speed with the new PQ developments?
4/6/2026, 4:45:18 PM
by: vonneumannstan
This seems like something uniquely suited to the startup ecosystem. I.e. offering PQ Encryption Migration as a Service. PQ algorithms exist and now theres a large lift required to get them into the tech with substantial possible value.
4/6/2026, 4:59:58 PM
by: OsrsNeedsf2P
Why do we "need to ship"? 1,000 qubit quantum computers are still decades away at this point
4/6/2026, 5:30:53 PM