Daniel J. Bernstein says NSA and UK GCHQ are pushing standards bodies to drop hybrid ECC+PQ schemes in favor of single post‑quantum algorithms. He points to NSA procurement guidance against hybrid, a Cisco sale reflecting that stance, and an IETF TLS decision he’s formally contesting as lacking true consensus.
— If intelligence agencies can tilt global cryptography standards, the internet may lose proven backups precisely when new algorithms are most uncertain, raising systemic security and governance concerns.
EditorDavid
2025.10.12
100% relevant
NSA’s William Layton: 'we do not anticipate supporting hybrid in national security systems,' and the IETF TLS working group’s adoption of a non‑hybrid PQ draft over recorded objections.
← Back to All Ideas