In a first, a ransomware family is confirmed to be quantum-safe
Summary
A ransomware group called Kyber is the first known to use "post-quantum cryptography" to protect its encryption keys. This method is designed to resist attacks from future quantum computers, though experts believe Kyber mainly uses it as a marketing tactic to scare victims into paying ransoms.
Key Facts
- Kyber ransomware uses ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism), which is designed to be secure against quantum computers.
- The ML-KEM method is part of a post-quantum cryptography standard developed by the National Institute of Standards and Technology (NIST).
- Kyber encrypts files quickly with AES-256 and protects the AES key using ML-KEM.
- Quantum computers powerful enough to break current encryption methods like RSA and elliptic-curve cryptography are still at least three years away.
- A variant of Kyber targeting VMware systems actually uses strong RSA encryption, not ML-KEM.
- Experts say Kyber’s use of ML-KEM is mostly a psychological trick to pressure victims by implying very strong security.
- Implementing ML-KEM is relatively simple for developers, as libraries exist to support it.
- This is the first confirmed case of ransomware using post-quantum cryptography.
This is a fact-based summary from The Actual News.