我整理了一份开源后量子工具和库的清单。
我们最近需要审查我们的加密技术栈,以确保长期合规。我们不是银行或政府承包商,但我们确实处理需要在10年以上内保持安全的敏感数据。
我深入研究了后量子密码学,并最终写了一份相当详尽的指南。该指南涵盖了诸如Kyber、Dilithium、liboqs、PQClean以及与OpenSSL的混合密钥交换等内容。
我尽量保持实用性,包含了工作代码示例、权衡分析,以及标准的发展方向,包括最终确定的NIST选择。同时还添加了一些关于实际应用案例的说明。
如果这里有谁正在进行类似的工作或已经在生产环境中部署后量子密码学,欢迎分享你们使用的库或策略。
查看原文
We recently had to review our cryptographic stack for long-term compliance. We’re not a bank or a government contractor, but we do handle sensitive data that needs to stay secure for 10+ years.<p>I fell into a rabbit hole of post-quantum cryptography and ended up writing a fairly deep guide. It covers stuff like Kyber, Dilithium, liboqs, PQClean, and hybrid key exchange with OpenSSL.<p>I tried to keep it practical includes working code examples, trade-offs, and where the standards are headed including the finalized NIST picks. Also added some notes on real-world use cases.<p>If anyone here is working on something similar or already rolling out PQC in production, would love to hear what libraries or strategies you're using.