As researchers around the world race to build quantum computers that could break current encryption ... NIST is ... developing algorithms to protect our data and systems.
NIST has already released three post-quantum cryptography standards that can be implemented now ...
These Federal Information Processing Standards (FIPS) ... are mandatory for federal systems and adopted by organizations around the world ...
I'm surprised Docker is the recommended way to run the application – it seems like a lot of hidden magic relative to the ~800 actual lines of Go, and given that the resulting keypair is saved outside the container.
I am suddenly seeing more post-quantum safety measures than ever before. I know this has been a topic for at least a decade, but it looks like a sudden interest across the industry.
Did something change? It looks like there was some breakthrough in quantum computer scaling and everyone is given some time before making it public.
What could be the reason for this?
This blog post might answer some of your questions
https://words.filippo.io/crqc-timeline/
I'm seeing more of a gradual path.
Chrome 124 (April 24) introduced hybrid post-quantum TLS, and Chrome 131 (Nov 24) switched to a hybrid using ML-KEM, which was standardized in 2024, just after Firefox 132 (October 2024), while OpenSSH introduced a hybrid scheme in release 9.0 (April 2022) and made ML-KEM+25519 default in OpenSSH 10.0 (April 2025).
Hybrid PQ schemes being adopted in other places is people playing catch-up, not the avant garde.
I'd say digital signatures should be the foremost concern, those may need to provide non-repudiation for decades.
> What could be the reason for this?
Hype
“So, here it is: if quantum computers start breaking cryptography a few years from now, don’t you dare come to this blog and tell me that I failed to warn you. This post is your warning. Please start switching to quantum-resistant encryption, and urge your company or organization or blockchain or standards body to do the same.”
https://scottaaronson.blog/?p=9718
It is NIST's world, we merely live in it.
https://www.nist.gov/pqc / https://archive.vn/1ZDyV
Long con for the NSA to push post-quantum algorithms to displace the old non-quantum ones they couldn't find a vulnerability in /s
Any sane implementation uses a hybrid scheme with both non-pq and pq combined.
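The hybrid approach mentioned in the thread (X25519 combined with ML-KEM-768), shown as an added example; it is not code from the discussion or from the application being discussed. The combiner's label and input order are assumptions of this example, not the construction used by TLS or OpenSSH, and it needs Go 1.24 or later for `crypto/mlkem`.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// combine hashes BOTH secrets plus the transcript; label and order are this example's choice.
func combine(ssPQ, ssEC, ct, eph []byte) [32]byte {
	return sha256.Sum256(bytes.Join([][]byte{[]byte("example-hybrid-v1"), ssPQ, ssEC, ct, eph}, nil))
}

// Encapsulate (sender): ephemeral X25519 plus ML-KEM encapsulation to the recipient's keys.
func Encapsulate(ecPub *ecdh.PublicKey, pqPub *mlkem.EncapsulationKey768) ([32]byte, []byte, *ecdh.PublicKey, error) {
	e, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return [32]byte{}, nil, nil, err
	}
	ssEC, err := e.ECDH(ecPub)
	if err != nil {
		return [32]byte{}, nil, nil, err
	}
	ssPQ, ct := pqPub.Encapsulate()
	return combine(ssPQ, ssEC, ct, e.PublicKey().Bytes()), ct, e.PublicKey(), nil
}

// Decapsulate (recipient): fails closed if either component fails, never returns a partial key.
func Decapsulate(ec *ecdh.PrivateKey, pq *mlkem.DecapsulationKey768, ct []byte, eph *ecdh.PublicKey) ([32]byte, error) {
	ssEC, err := ec.ECDH(eph)
	if err != nil {
		return [32]byte{}, err
	}
	ssPQ, err := pq.Decapsulate(ct)
	if err != nil {
		return [32]byte{}, err
	}
	return combine(ssPQ, ssEC, ct, eph.Bytes()), nil
}

func main() {
	ec, _ := ecdh.X25519().GenerateKey(rand.Reader)
	pq, _ := mlkem.GenerateKey768()
	k1, ct, eph, _ := Encapsulate(ec.PublicKey(), pq.EncapsulationKey())
	k2, err := Decapsulate(ec, pq, ct, eph)
	fmt.Println("keys match:", k1 == k2, "err:", err)
}
```

Because the session key is a hash over both shared secrets, recovering it requires breaking both X25519 and ML-KEM-768, and a flaw in only one of them does not expose the key.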