Comment by Tyyps

5 hours ago

Just a little selection of recent attacks on a few post-quantum assumptions:

Isogeny/SIDH: https://eprint.iacr.org/2022/975

Lattices: https://eprint.iacr.org/2023/1460

Classical McEliece: https://eprint.iacr.org/2024/1193

Saying that you can blindly trust PQ assumptions is a very dangerous take.

He's obviously not saying that you can "trust blindly" any PQ algorithm out there, just that there are some that have appeared robust over many years of analysis.

  • He is assessing that the risk of seeing a quantum computer break dlog cryptography is higher than the risk of having post-quantum assumptions broken, in particular for lattices.

    One can always debate, but we have seen more post-quantum assumptions break during the last 15 years than we have seen concrete progress in practical quantum factorisation (I'm not talking about the theory).