The quantum threat is looming. Quantum computers are beginning to challenge time-tested classical encryption standards.
Brute-force attacks that take conventional hardware millions of years to crack might be solved by quantum computers of the not-so-distant future in mere hours.
This possibility has huge implications for data protection. To get ahead of the threat, some VPN services (hint: Windscribe) are already offering Post-Quantum Encryption (PQE).
What Is Post-Quantum Encryption?
Classical encryption methods work by performing complex mathematical operations to scramble information into gibberish strings of numbers and letters to anybody without the decryption key. This process is efficient to run, but extremely hard to reverse with current hardware, which is why they have been reliable for decades.
Quantum computing changes the equation. Instead of processing bits one-by-one, quantum computers can evaluate multiple states simultaneously. This massive leap in speed makes Curve25519, WireGuard's key exchange mechanism, vulnerable to quantum-computing attacks.
Post-Quantum Encryption protects your VPN connection against potential quantum-computing attacks.
Windscribe is now Post-Quantum Resistant
Official WireGuard® documentation states that “the pre-shared key parameter can be used to add a layer of post-quantum secrecy” and that “the best bet for post-quantum security is to run a truly post-quantum handshake on top of WireGuard, and then insert that key into WireGuard's pre-shared key slot.”
From the day Windscribe offered WireGuard, we made use of the PresharedKey parameter (something most of our competitors did not do).
At the time, however, the PSK was still exchanged using classical encryption.
We are pleased to announce that Windscribe’s apps now support post-quantum WireGuard out of the box, starting with versions:
- Desktop: 2.17.9
- Android: 3.93.1835
- iOS: 3.9.4
The PresharedKey is shared using a post-quantum-resistant encryption algorithm (TLS 1.3 using the hybrid key exchange mechanism X25519MLKEM768), meaning WireGuard connections are post-quantum resistant.
The PresharedKey is rotated each time you log in to the app.
How to Enable Post-Quantum Encryption With Windscribe
To enable PQE, simply log out and log back in to the app and ensure your selected protocol is WireGuard.
Step 1: Log Out and Log Back In
This action only needs to be completed once, but must be done on each device you use with Windscribe.
Note: you MUST log out and log back in to enable Post-Quantum Encryption on WireGuard!
Step 2: Select WireGuard protocol
Step 3: Choose your preferred location
Connect to a Windscribe server location as you normally would, and voila, post-quantum encryption is now set up successfully!
Don’t Sleep on Post-Quantum VPNs
Advancement in quantum computing is rapidly challenging the security classical encryption offers. While classical encryption is still secure, you may still be vulnerable to SNDL (Store Now, Decrypt Later - also known as Harvest Now, Decrypt Later) attacks wherein a malicious entity stores encrypted traffic now to decrypt it once quantum computers are adequately developed.
Secure your digital future today with Windscribe VPN, your shield against the evolving threats of quantum computing. Stay ahead of the curve and protect your privacy with cutting-edge, post-quantum-resistant encryption. Don't wait for tomorrow's vulnerabilities: fortify your online security now!
"WireGuard" is a registered trademark of Jason A. Donenfeld. Open Source Software Attributions.
