Post Quantum Cryptography is not doing so Well

Post Quantum Cryptography (PQC) is the name which describes new cryptographic algorithms which should be safe to use even if a real Quantum Computer will arrive. NIST competition to designate these algorithms has started in 2016, now is in its 4th round and is supposed to end by 2024.

This year NIST, for round 4, has selected 4 final candidates and 4 potential replacements in case any of the 4 front runners will drop out. But this year already two candidates have been invalidated due to the discovery of serious security weaknesses: in February, at the end of round 3, it was the case of Rainbow, and these days (see here), in round 4, is the case of SIKE, a potential replacement candidate.

The weaknesses discovered apply only to the algorithms which have been invalidated, but the fact that they have been discovered so late in the NIST selection process should make us wonder if the timeline will be maintained or more time will be needed to completely test and evaluate these new algorithms.