Skip to content

How can we improve Proton?

← General Ideas

Quantumcomputer Encryption [SECURITY THREAT]

"SAVE NOW, DECRYPT LATER" is a big threat to all of our data and it's affecting us already.

Considering Proton is at the frontier of online security and the relatively new announcements of NISTs Quantum Encryption methods, I would suggest you look into applicability of those methods to your services.

I hope this makes it up the ladder, because this SECURITY BREACH AFFECTS EVERY PROTON USER AND EVERY SINGLE INFORMATION: Starting with all email traffic, to drive documents, calendar and even all browser history through ProtonVPN. To go even further, proton users and VPN exit nodes could be specially monitored, considering their interest in privacy and high percentage of journalists and similar people with sensitive information.

Your users would surely all be really glad to hear they're save against "Save now, Decrypt later" attacks, new users would roll over too, and it would set a great example for other industries; and since you're not only at the frontier of online security & privacy but also engineering folk, which translates new research into applicable everyday usage, IF NOT YOU, THAN WHO?

26 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

u shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Aslex Nalver commented  ·   ·  Report

    The concern around “save now, decrypt later” attacks is valid, especially as quantum computing advances and organizations like National Institute of Standards and Technology (NIST) finalize post-quantum cryptography standards designed to resist future quantum threats. Security-focused providers such as Proton AG are already aware of these developments and, like many leaders in the cybersecurity space, continuously evaluate emerging cryptographic standards for integration into their infrastructure to protect email, cloud storage, VPN traffic, and other sensitive services. While large-scale quantum computers capable of breaking current encryption are not yet operational, forward-thinking companies are actively researching hybrid and post-quantum encryption models to ensure long-term data confidentiality. Just as industry leaders in other sectors publicly demonstrate responsibility and forward planning—such as this example of sustainability commitment in engineering https://vsengineering.co/sustainability-leader-in-our-industry/ security-driven
    companies must transparently communicate their roadmap toward quantum-resistant encryption to maintain user trust and set benchmarks for the wider industry.

  • theoneand33 commented  ·   ·  Report

    I would use Proton mail instead of Tuta mail if they added this

  • pedro chromazzi commented  ·   ·  Report

    I just want to invite the proton service to use the X25519Kyber768 Post-Quantum Key Exchange during the https communication with the protonMail server. At least, it would be great if this or another NIST advanced PQ encryption was used for every communication with the proton servers. Seems that the power of the actual quantum computers (august 2024) is growing faster than the expectations and that the AES-256-GCM cipher has the counted days. So it could be a critical aspect.

General Ideas: New features

Categories