Migrate to quantum resistant algorithms
Quantum computing breaking common cryptography algorithms is a future problem that will affect all data that is stolen/collected now and that contains sensitive information we may NEVER want to share

-
Vincent RAMPAL commented
Post quantum cryptography will affect Proton both for data at rest and data in transit.
I see your plan for GPG encryption quantum safe but could you please clarify for TLS/QUIC and certificates ?Proton use encryption at different level:
* when Proton exchange mails with other mail servers (encryption in transit)
* when Proton verify the identity of other mail servers (certificate / signature)
* when Proton store mails using GPG (encryption at rest)
* when user connects to Proton servers (encryption in transit)
* when user verifies the identity of Proton servers (certificate / signature)
All of them needs to support post-quantum cryptography.Post quantum crypto is supported in GPG since version 2.5.1.
Source: https://lists.gnupg.org/pipermail/gnupg-announce/2024q3/000485.htmlNIST offer several standard of post quantum crypto.
Source: https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardizationOpen Quantum Safe is also provide several solutions.
Project: https://openquantumsafe.org/
Presentations: https://www.douglas.stebila.ca/research/presentations/Cloudflare is quite active on this topic and you can use it as a reference to see if you are above or bellow competition.
https://www.cloudflare.com/pqc/
https://blog.cloudflare.com/pq-2024/
https://pq.cloudflareresearch.com/ -
pedro chromazzi commented
About https://proton.me/blog/post-quantum-encryption, I don't know much about communication system encryption, but my question is: is the data still safe even if the connection with your server flows? I think that is like a chain; if even one of the rings falls, all the chain is broken. So I think that not only does the server have to adopt pq data encryption, but it also has to require a pq resilient https connection; otherwise, the first encryption is vain.
-
AdminProton (Admin, Proton) commented
Thanks for the feedback, you can read about our plans here: https://proton.me/blog/post-quantum-encryption
-
Joey Reid commented
Very Critical! That would be a huge disaster not only by regular/home users but businesses too! especially for confidential things that business and home business users need! to protect future damages from fradsters and bad actors that may use what ever data stored for what ever their case may be! Damages that may be huge that may come across over the years!
We all Need that extra protection before its to late for (*businesses*) and Regular Home users / Home businesses < 3 votes from yall !!! >
-
D. commented
I think it's already been implemented years ago. Correct me if I'm wrong though but I think the CEO confirmed that in this : https://www.youtube.com/watch?v=Dp7ght2fMR4&t=4394s
-
secnetsys commented
Transfering data we may NEVER want to share by email looks like a funny option, IMHO.