What is Post-Quantum?

As early as 2021, a technique known as Variational Quantum Factoring (VQF) may enable quantum computers to begin decrypting everything on the internet: RSA, SHA-256, AES-256. Anything built on TLS (Transport Layer Security), including HTTPS, Tor, and OpenVPN, is vulnerable. At that time, quantum computers will begin decrypting classical encryption.

In preparation for this, AmbitVPN is leveraging the work of the Quantum Cryptography Standardization project at the National Institute of Standards and Technology in the US. This project gathered 23 signature schemes and 59 encryption/KEM schemes. 26 of these have advanced to the second-round encryption/key-establishment along with 9 signature schemes.

To maintain an ethical use of the phrase “Post Quantum” before final candidates are selected, AmbitVPN categorizes the use of these candidates as Post-Quantum up until 1,000 logical qubits. However, potential problems start to appear as soon as there is a 65 qubit universal gate quantum computer. The ROBOT attack demonstrated that it is theoretically possible to “transform a quantum key exchange to a supersingular Isogeny.” This means that certain narrow classes of Post-Quantum problems are vulnerable to a sufficiently advanced universal gate quantum computer.

AmbitVPN monitors and keeps current on every modern post-quantum cryptography algorithm. Our recommendations may change as new information emerges about the performance and security of the aforementioned algorithms, or with the actual emerging capability changes of Universal Gate Computers (Quantum Computers).