June 9, 2021
Daniel Bernstein - University of Illinois at Chicago; Ruhr University Bochum
Cryptographic software is a security disaster, even when there are no public breaks of the cryptographic primitives that the software is supposed to be providing. This problem isn’t specific to post-quantum cryptography, as the SymCrypt and Minerva vulnerabilities show; but post-quantum cryptography makes the problem worse.