%% You should probably cite draft-hoffman-c2pq-07 instead of this revision. @techreport{hoffman-c2pq-00, number = {draft-hoffman-c2pq-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-hoffman-c2pq/00/}, author = {Paul E. Hoffman}, title = {{The Transition from Classical to Post-Quantum Cryptography}}, pagetotal = 12, year = , month = , day = , abstract = {Quantum computing is the study of computers that use quantum features in calculations. For over 20 years, it has been known that if large- scale quantum computers could be built, they could have a devastating effect on classical cryptographic algorithms such as RSA and elliptic curve signatures and key exchange, as well as on encryption algorithms. There has already been a great deal of study on how to create algorithms that will resist large-scale quantum computers, but so far, the properties of those algorithms make them onerous to adopt before they are needed. Small-scale quantum computers are being built today, but it is still far from clear when large-scale quantum computers that can be used to break classical algorithms with key sizes commonly used today will be available. It is important to be able to predict when large-scale quantum computers usable for cryptanalysis will be possible so that organization can change to post-quantum cryptographic algorithms well before they are needed. This document describes quantum computing, how it can be used to attack classical cryptographic algorithms, and possibly how to predict when large-scale quantum computers will become feasible.}, }