HITCON 2020 Post-Quantum Cryptography
Cryptography is rarely the weakest link in a system. Adi Shamir famously said, "Cryptography is typically bypassed, not penetrated." However, current developments in physics are set to change this. Quantum computers with several million stable qubits can break all currently deployed public-key cryptography using an algorithm due to Peter Shor. Systems basing their security on RSA, Diffie-Hellman, or elliptic-curve cryptography will no longer be secure.
Worse, data sent today and recorded by an attacker can be decrypted by that attacker once they obtain a large quantum computer. Post-quantum cryptography is cryptography under the assumption that the attacker has a large quantum computer; cryptosystems are studied for security under this attack model. The good news is that some systems remain secure. The bad news is that those are not (yet) commonly available. This talk will explain the threat that quantum computers pose to security and show some systems that can stand up to such attacks. The talk will also cover an ongoing competition by the US National Institute of Standards and Technology (NIST) to standardize post-quantum systems.