Comment by bawolff
3 days ago
In a world where spying on civilian communication of adversaries (and preventing spying on your own civilians) is becoming more critical for national security interests, i suspect that national governments would be lighting more of a fire if they believe their opponents had one.
They absolutely are. NSA is obsessed with post-quantum projects atm
tbh they could just be pushing for people to adopt newer, less-tested, weaker algorithms. switch from something battle-hardened to the QuantResist2000 algorithm which they've figured out how to break with lattice reduction and a couple of GPUs like those minecraft guys did.
Hybrid approaches are at least as strong as their strongest algorithm. You don't need to trust me on this, it's extremely simple to derive this principle yourself from basic knowledge of cryptography.
But is this because they are already needed or because they want to preserve encryption for past and present data post-quantum?
The latter
NSA is pushing for PQ algos.