> Hybrid PQ+ECDH is a hedged bet against an algorithm break before Q-Day, but is utterly fucking useless over Pure PQ once Q-Day occurs.
there is also the likelihood that Q-Day never arrives, either because something we don't know prevents the construction of sufficiently large quantum computers (eg. quantum gravity) or because the entire field was a scam. in that scenario abandoning ECC would have been pretty stupid.
> there is also the likelihood that Q-Day never arrives, either because something we don't know prevents the construction of sufficiently large quantum computers (eg. quantum gravity)
That is possible, but given the recent 2029 timelines from large Internet providers, I think it's prudent to prepare for Q-Day even if it never arrives.
> or because the entire field was a scam.
The field is like... a magnet for scams, sure. But it, itself, isn't one.
And, like, the Quantum Village at DEFCON has really failed to establish credibility in my eyes.
> there is also the likelihood that Q-Day never arrives, either because something we don't know prevents the construction of sufficiently large quantum computers (eg. quantum gravity)
That is possible, but given the recent 2029 timelines from large Internet providers, I think it's prudent to prepare for Q-Day even if it never arrives.
> or because the entire field was a scam.
The field is like... a magnet for scams, sure. But it, itself, isn't one.
And, like, the Quantum Village at DEFCON has really failed to establish credibility in my eyes.
https://soatok.blog/2022/08/18/burning-trust-at-the-quantum-...
https://soatok.blog/2023/08/20/defcon-quantum-village-2-elec...
> in that scenario abandoning ECC would have been pretty stupid.
Not really, no. See https://blog.trailofbits.com/2024/07/01/quantum-is-unimporta... for a counter-point.