Post Quantum Cryptography in OpenPGP - Common Knowledge Scout

# Post-Quantum Cryptography in OpenPGP > [! note]- > The content of this page is generated by audio/video transcription and text transformation from the content and links of this source. Source: [https://fosdem.org/2025/schedule/event/fosdem-2025-5992-post-quantum-cryptography-in-openpgp/](https://fosdem.org/2025/schedule/event/fosdem-2025-5992-post-quantum-cryptography-in-openpgp/) <video src="https://video.fosdem.org/2025/k4601/fosdem-2025-5992-post-quantum-cryptography-in-openpgp.av1.webm" controls></video> ## Summary & Highlights: This session at FOSDEM 2025 explores the integration of post-quantum cryptography into OpenPGP, aiming to future-proof email encryption against the potential threat posed by quantum computers. The speakers, Daniel Huigens and Aron Wussler, present the current state of standardization and implementation efforts, highlighting the importance of transitioning to post-quantum secure algorithms. **Introduction to Post-Quantum Cryptography** Quantum computers are expected to challenge classical cryptography by potentially decrypting secure communications. To counter this, post-quantum cryptography is being developed to protect data against future quantum threats. This session focuses on integrating these new cryptographic methods into OpenPGP, a widely used standard for email encryption. **Current Developments and Challenges** The session discusses the recent release of RFC 9580, which updates OpenPGP to include modern cryptographic methods. However, existing methods remain vulnerable to quantum attacks. The speakers emphasize the need for immediate action to standardize and implement post-quantum algorithms such as ML-KEM and SLH-DSA, which provide stronger security guarantees. **Implementation Efforts** Efforts are underway to implement these new cryptographic standards in open-source libraries like OpenPGP.js and GopenPGP. The session highlights the importance of collaboration among developers and organizations to ensure a smooth transition to post-quantum cryptography, ensuring email communications remain secure in the long term. **Conclusion and Future Outlook** The speakers conclude by stressing the urgency of adopting post-quantum cryptography to protect sensitive communications. While the transition may involve challenges, including increased computational requirements, the potential benefits of ensuring long-term data security are significant. ## Importance for an eco-social transformation The integration of post-quantum cryptography into OpenPGP is crucial for maintaining secure communications in a future where quantum computers could compromise current encryption standards. This development is vital for protecting personal privacy and sensitive information, which are essential components of a sustainable and ethical digital society. For eco-social designers, the focus should be on promoting open-source solutions and collaborating with communities to implement these new standards effectively. Challenges include the technical complexity of transitioning to new algorithms and the need for widespread adoption across different platforms. Social and political support will be necessary to prioritize data security in policy-making and funding decisions. ## Slides: | | | | --- | --- | | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_001.jpg\|300]] | The session introduces the significance of post-quantum cryptography in OpenPGP, emphasizing the need to secure email encryption and signing against future quantum threats. As quantum computers develop, they pose a potential risk to current cryptographic methods, making it essential to adopt post-quantum solutions to protect communications. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_002.jpg\|300]] | OpenPGP has been modernized with the release of RFC 9580, which obsoletes the older RFC 4880. This update introduces new cryptographic methods but remains rooted in classical cryptography. The session highlights the need for further advancements to address the vulnerabilities posed by quantum computing. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_003.jpg\|300]] | This slide likely presents a visual or data representation from IBM Research, possibly illustrating the progress or challenges associated with quantum computing and its implications for cryptography. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_004.jpg\|300]] | The slide discusses the current state of quantum computers, highlighting their experimental nature and the challenges they face, such as noise and scalability issues. Despite these hurdles, the potential of quantum computing to solve complex problems beyond classical systems is acknowledged. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_005.jpg\|300]] | Continuing the discussion on quantum computers, this slide likely delves deeper into their current capabilities and limitations. The emphasis is on understanding the threat they pose to cryptography and the urgency of developing countermeasures. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_006.jpg\|300]] | The slide questions the rationale behind developing software for quantum computers when they are still in their infancy. Despite their current limitations, the potential impact of quantum computing on cryptography necessitates proactive measures to ensure data security. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_007.jpg\|300]] | Post-quantum cryptography (PQC) includes cryptographic methods that remain secure against quantum attacks. While some asymmetric algorithms are resistant, they are larger and slower than classical ones. NIST has standardized several PQC algorithms, including ML-KEM and ML-DSA, to address these challenges. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_008.jpg\|300]] | The OpenPGP PQC project began in 2022, focusing on integrating post-quantum cryptography into the OpenPGP protocol. The project aims to implement hybrid and standalone cryptographic methods without disrupting existing deployments, ensuring a smooth transition to quantum-resistant email encryption. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_009.jpg\|300]] | Implementation efforts for post-quantum cryptography in OpenPGP are underway, with projects led by MTG AG and Proton. These initiatives involve integrating PQC into open-source libraries, highlighting the collaborative efforts to enhance email security against future quantum threats. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_010.jpg\|300]] | The slide emphasizes the advantages of symmetric cryptography, which is faster and remains post-quantum secure. In cases where asymmetric cryptography is unnecessary, such as drafts and archival, symmetric methods offer a more efficient and secure alternative. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_011.jpg\|300]] | The concept of persistent symmetric keys involves storing symmetric key material in OpenPGP keys, offering faster encryption when using private keys. This approach enhances efficiency while maintaining security, particularly for personal data storage. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_012.jpg\|300]] | The OpenPGP Working Group has adopted a draft for integrating post-quantum cryptography. This marks a significant step towards standardizing and implementing quantum-resistant methods to secure email communications. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_013.jpg\|300]] | Experimental implementations of post-quantum cryptography are underway in OpenPGP.js and GopenPGP. RNP has also shown interest in adopting these methods, indicating a growing momentum towards widespread implementation of quantum-resistant cryptographic standards. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_014.jpg\|300]] | The conclusion highlights the impending arrival of quantum computers and the necessity of post-quantum cryptography. While these methods may be larger and slower, they ensure long-term data security. In contrast, symmetric cryptography offers faster and smaller solutions where applicable. | ![[FOSDEM 2025/assets/PostQuantum-Cryptography-in-OpenPGP/preview_015.jpg\|300]] | The final slide invites questions, encouraging engagement and discussion on the topics covered. This open dialogue is essential for addressing concerns and advancing the implementation of post-quantum cryptography. ## Links [Post-Quantum Cryptography in OpenPGP draft specification](https://fosdem.org/2025/events/attachments/fosdem-2025-5992-post-quantum-cryptography-in-openpgp/slides/238257/PQC_in_Op_AcmguXM.pdf) [Persistent Symmetric Keys in OpenPGP draft specification](https://fosdem.org/2025/events/attachments/fosdem-2025-5992-post-quantum-cryptography-in-openpgp/slides/238257/PQC_in_Op_AcmguXM.pdf) [Blog post on Post-Quantum Cryptography in OpenPGP and Proton Mail](https://fosdem.org/2025/events/attachments/fosdem-2025-5992-post-quantum-cryptography-in-openpgp/slides/238257/PQC_in_Op_AcmguXM.pdf) [Video recording (AV1/WebM)](https://video.fosdem.org/2025/k4601/fosdem-2025-5992-post-quantum-cryptography-in-openpgp.av1.webm) [Video recording (MP4)](https://video.fosdem.org/2025/k4601/fosdem-2025-5992-post-quantum-cryptography-in-openpgp.av1.mp4) [Video recording subtitle file (VTT)](https://fosdem.org/2025/events/attachments/fosdem-2025-5992-post-quantum-cryptography-in-openpgp/slides/238257/PQC_in_Op_AcmguXM.pdf)