danielcuthbert
commented
3 days ago No, this should say use them if you want to be post-quantum secure. I'm not sure, at this stage, how we could amend the text to make that clearer. Should we specifically mention ML-KEM/ML-DSA or maybe even reference NSCS's piece https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography?
tghosth
6.9.1 [ADDED] Verify that Quantum-Safe Algorithms, or quantum-resistant algorithms, such as lattice-based, hash-based, code-based, or multivariate cryptographic schemes, as replacements for vulnerable classical algorithms like RSA and ECC, are used. ✓ ✓ 798 6.9.2 [ADDED] Verify that cryptographic systems are designed to allow for seamless upgrades to post-quantum cryptography, enabling the transition once PQC standards are fully established. ✓ ✓ 798 6.9.3 [ADDED] Regularly monitor advancements in the field of post-quantum cryptography and align with emerging industry standards to remain prepared for quantum threats.