Post-quantum security: should you care?
2020-09-04, 12:30–13:10, Main stream

You might have read that quantum computers will break all cryptography and that you should seriously worry about it—and fix your worries by buying the product of company XYZ. But seriously, is this just FUD, real science, or both? What's exactly a quantum computer? When IBM and Google claim to have one, what does it exactly mean, and why does it seem so useless? What exactly is quantum supremacy and have we achieved it already? How and what would a quantum computer break cryptography, and what kind of cryptography?

What's the difference between post-quantum and quantum-safe cryptography? Do you need a quantum computer to run it or is it just a tweak of OpenSSL? How to make your applications post-quantum™ today? What's the real point, from a risk, business, and marketing perspective? While this abstract is about asking questions, the talk will be about giving honest answers.

Jean-Philippe (JP) Aumasson (, co-founder Taurus. JP is well known for his work in cryptography including the reference book Serious Cryptography, the widely used algorithms BLAKE2 and SipHash, and talks at leading industry conferences. JP has been giving cryptography trainings since 2013 in multiple public and private settings.