2020.02.03 14:18:16 (1224321204170960896) from Daniel J. Bernstein, replying to "Shozab Qasim (@SQ_PCMP55)" (1221429227259662336):
Quantum cryptography, despite its "provable security" claims and massive funding, has a much worse security track record than post-quantum cryptography. See, e.g., the neverending series of breaks on http://www.vad1.com/publications/. For a broader perspective see https://blog.cr.yp.to/20160516-quantum.html.
2020.01.26 01:15:40 (1221225153910255617) from "Jonathan P. Dowling (@jpdowling)":
Reporter: "There's even a book on post-quantum cryptography." Me: (There's even a book on postmodern Satanism.)
2020.01.26 12:44:33 (1221398515277918211) from "Rod Van Meter 🌻 (@rdviii)", replying to "Jonathan P. Dowling (@jpdowling)" (1221225153910255617):
I've heard you dumping on PQC quite a bit, but I'm not sure I follow your objection. Is it that you believe that all possible public-key systems will bw vulnerable to quantum computers? Or do you more fundamentally believe that P=NP?
2020.01.26 14:46:35 (1221429227259662336) from "Shozab Qasim (@SQ_PCMP55)", replying to "Rod Van Meter 🌻 (@rdviii)" (1221398515277918211):
I believe his objection is that no one’s proven that post quantum crypto schemes are resistant to attacks by quantum computers whereas quantum crypto is provably secure.