this post was submitted on 19 Aug 2023
21 points (92.0% liked)

Technology

59414 readers
3769 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 9 comments
sorted by: hot top controversial new old
[–] picnic@kbin.social 9 points 1 year ago* (last edited 1 year ago)

As google hasnt given me any reason to trust them in the last decade I wont trust these news without independent 3rd party audit. A little fitting that its them who have one of the most advanced research done in quantum computing, after all..

[–] autotldr@lemmings.world 6 points 1 year ago

This is the best summary I could come up with:


Like many existing security schemes today, though, FIDO faces an ominous if distant threat from quantum computing, which one day will cause the currently rock-solid cryptography the standard uses to completely crumble.

Over the past decade, mathematicians and engineers have scrambled to head off this cryptopocalypse with the advent of PQC—short for post-quantum cryptography—a class of encryption that uses algorithms resistant to quantum-computing attacks.

This week, researchers from Google announced the release of the first implementation of quantum-resistant encryption for use in the type of security keys that are the basic building blocks of FIDO2.

“While quantum attacks are still in the distant future, deploying cryptography at Internet scale is a massive undertaking which is why doing it as early as possible is vital,” Elie Bursztein and Fabian Kaczmarczyck, cybersecurity and AI research director, and software engineer, respectively, at Google wrote.

Moving forward, we are hoping  to see this implementation (or a variant of it), being standardized as part of the FIDO2 key specification and supported by major web browsers so that users' credentials can be protected against quantum attacks.

The security of RSA and other traditional forms of asymmetric encryption is based on mathematical problems that are easy to verify the answer to but hard to calculate.


The original article contains 734 words, the summary contains 208 words. Saved 72%. I'm a bot and I'm open source!

[–] skymtf@pricefield.org 1 points 1 year ago (1 children)

Is FIDO Foss at all? I don't trust anything that isn't FOSS with my data?

[–] Spotlight7573@lemmy.world 1 points 1 year ago

They have the code for their open-source implementation of security keys here:

https://github.com/google/OpenSK

Their actual announcement post is here:

https://security.googleblog.com/2023/08/toward-quantum-resilient-security-keys.html