Quantum Safe Cryptography

Quantum-Safe and Quantum-Broken Crypto Algorithms

Most cryptographic hashes (like SHA2, SHA3, BLAKE2), MAC algorithms (like HMAC and CMAC),
key derivation functions (bcrypt, scrypt, Argon2) are basically quantum-safe (only slightly affected
by quantum computing).

→ Use 384 bits or more to be quantum-safe (256 bits should be enough for a long time)

Symmetric ciphers (like AES-256, Twofish-256) are quantum safe.

→ Use 256 bits or more as key length (don’t use 128-bit AES)

Most popular public-key cryptosystems (like RSA, DSA, ECDSA, EdDSA, DHKE, ECDH, ElGamal)
are quantum-broken!

→ Most digital signature algorithms (like RSA, ECDSA, EdDSA) are quantum-broken!
→ Quantum-safe signature algorithms and public-key cryptosystems are already developed
(e.g. lattice-based or hash-based signatures), but are not massively used, because of longer keys
and longer signatures than ECC

What kind of cryptographic algorithms does Qubes OS use? Is it quantum-safe?


You can find this information, but can't find what Qubes OS uses as default?

cmiiw

Luks Version:            2
Cipher name:        aes
Cipher mode:        xts-plain64
Hash spec:          sha512
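As an added example (not part of the thread and not Qubes OS code), the sketch below applies the first post's rules of thumb to the LUKS fields quoted in the reply above. The `MK bits` line is a constructed value, since the post gives no key size, and the function names are hypothetical.

```python
# Constructed sample: the first four lines are the values quoted in the post;
# "MK bits" is an assumed value added for illustration (the post states no key size).
SAMPLE_DUMP = """\
Luks Version:            2
Cipher name:        aes
Cipher mode:        xts-plain64
Hash spec:          sha512
MK bits:            512
"""

# Digest sizes in bits for hash names that can appear in "Hash spec".
HASH_BITS = {"sha1": 160, "sha256": 256, "sha384": 384, "sha512": 512}


def parse_fields(dump):
    """Turn 'Name:   value' lines into a dict keyed by lower-cased field name."""
    fields = {}
    for line in dump.splitlines():
        name, sep, value = line.partition(":")
        if sep and value.strip():
            fields[name.strip().lower()] = value.strip()
    return fields


def assess(dump):
    """Apply the thread's thresholds: keys of 256 bits or more, hashes of 384 or more."""
    f = parse_fields(dump)
    mk_bits = int(f["mk bits"])
    # XTS splits the master key into two equal halves (data key and tweak key),
    # so a 512-bit master key means AES-256 and a 256-bit one means AES-128.
    cipher_bits = mk_bits // 2 if f["cipher mode"].startswith("xts") else mk_bits
    hash_bits = HASH_BITS.get(f["hash spec"].lower())
    return {
        "cipher": f"{f['cipher name']}-{cipher_bits}",
        "cipher_bits": cipher_bits,
        # Grover's search roughly halves the effective strength of a symmetric key.
        "grover_bits": cipher_bits // 2,
        "cipher_ok": cipher_bits >= 256,
        "hash_bits": hash_bits,
        "hash_ok": hash_bits is not None and hash_bits >= 384,
    }


if __name__ == "__main__":
    for key, value in assess(SAMPLE_DUMP).items():
        print(f"{key:12} {value}")
```

The XTS halving is the detail that is easy to miss: a volume reporting a 256-bit key with `xts-plain64` is running AES-128 and falls below the 256-bit rule from the first post.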

Just trying to raise awareness surrounding quantum-safe computing. Here are some quantum-safe algorithms:

https://pq-crystals.org/kyber/index.shtml

Lattice-Based Cryptography:

Here are some additional links and also what Google (the only company that appears to be working on this)
is doing:

https://int21.de/slides/deepsec-postquantum/#/

https://www.feistyduck.com/bulletproof-tls-newsletter/issue_48_google_starts_cecpq2

CECPQ2

https://www.chromium.org/cecpq2/

Quantum attacks on Tor:

https://essay.utwente.nl/79710/1/tujner_MA_eemcs.pdf