Post-quantum defaults
Robert J. Hansen
rjh at sixdemonbag.org
Wed Apr 8 17:05:12 CEST 2026
> I think this article recently posted at Cryptography should get more
> attention:
I don't think Ray is a crackpot, let me start with that. His concern is
real. If I were in his shoes I'd think the same.
But I'm not.
A little-known fact about the National Security Agency is it's also
responsible for establishing the US Government's computer security
policies. When it comes to securing classified information at the Top
Secret level, NSA has established that government agencies must migrate
to PQC effective immediately, and they're not especially picky about
which PQC. The official guidance is worth reading:
https://media.defense.gov/2025/May/30/2003728741/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS.PDF
My take is that if RSA-2048 is about to be decertified by the USG for
securing Top Secret data, in favor of Crystals-Kyber and/or
Crystals-Dilithium, we should take that as a strong hint NSA genuinely
believes RSA-2048 may soon be threatened by foreign nation-states.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20260408/935cfddb/attachment.sig>
More information about the Gnupg-users
mailing list