Post-Quantum VPN Encryption

[Brian_G]

Just been announced by my VPN, here's some detail and a link;

The quantum threat is looming. Quantum computers are beginning to challenge time-tested classical encryption standards.

Brute-force attacks that take conventional hardware millions of years to crack might be solved by quantum computers of the not-so-distant future in mere hours.

This possibility has huge implications for data protection. To get ahead of the threat...

More: https://windscribe.com/blog/post-quantum-vpn/


Good idea, or will existing protection systems likely offer it as needed so not needed much?

Either way I'm sure other VPN's will jump aboard soon

 

[SauRoNZA]

I think the reality as with anything is that if you have enough money to focus and target someone then you'll get a way through.

Quantum computing not being cheap will have the same ringing true and therefore if you aren't a target in the first place it's unlikely to affect you.

 

[Brian_G]

I'm more worried about adversarial ISP's and any political meddling.

Then again, probably not much to worry about in SA

 

[BBSA]

I'm more worried about adversarial ISP's and any political meddling.

Then again, probably not much to worry about in SA

Yes, Vodacom and MTN are ethical companies.

/s

 

[Smiggles]

Marketing hype mostly, irrespective of the legit upgrade.

e.g. claiming "WireGuard connections are post-quantum resistant". Where has that been proven? WireGuard's authentication still uses classical Curve25519 static keys. That's great for level 1. Also, AES symmetric encryption is not vulnerable to quantum computers in the same way as public-key cryptography. Grover's algorithm only halves effective AES key length (AES-256 becomes roughly AES-128 equivalent strength) - that just requires longer keys, not replacement. The real threat targets RSA and elliptic curve key exchange.

No white paper, no peer review, mostly marketing hype.
Express VPN was an early adopter, NordVPN has offered it, ProtonVPN are on it.

Are they also open source?

 

[Smiggles]

They can all be used with an Open Source client, yes and Proton have open sourced their own client.
Not sure what you're asking exactly.

Asking if their official clients are open source.