As an offensive security company, Synacktiv needs to constantly follow the evolutions in security to stay on top of the game and perform high quality audits. Recently, we got interested in post-quantum cryptography, bound to become the next standard in data protection. While we were familiar with "traditional" cryptography, we had never studied the "post-quantum" side of the field, and were a bit intimidated at first. Through our learning, we realized two things: first, it is not as inaccessible as it seems and second, although there have been many advances in the academic field, the industry is far behind in this area as quantum computers are already threatening information security.

We will cover basic security principles in cryptography, why they are threatened by quantum computing, how post-quantum cryptography tackle these threats, and how to incorporate post-quantum security to your products.

The talk will unfold in five parts:
- What does "being secure" mean in the context of cryptography? A quick refresher on the basic principles and definitions.
- How do quantum computers affect the security of current cryptographic algorithms? An overview of how quantum computing undermines classical cryptography.
- What are these "post-quantum" cryptographic algorithms? Key features that make these algorithms resistant to quantum attacks.
- How to migrate to post-quantum algorithms? A look at the challenges of transitioning to post-quantum cryptography, including hybridization and trust concerns with new algorithms.
- What are the associated challenges with transitioning ? A case study of TLS at Cloudflare.