Q-Day Countdown: No More Privacy? – WS 08 2026
27 May 2026 14:30h - 15:30h
Summary
The discussion focused on digital security in a post-quantum world, especially the risk that quantum computers could break current encryption and undermine privacy, authenticity, and trust online [16-30][85-90]. An opening audience poll showed that loss of privacy was the dominant concern, followed by worries about identity verification, signatures, contracts, and the slow adoption of post-quantum solutions [32-40]. Speakers framed the issue as urgent because quantum computing threatens the public key infrastructure used across everyday digital systems, even if the exact arrival of a sufficiently powerful machine remains uncertain [45][85-89].
Wout de Natris illustrated the danger by comparing quantum disruption to a world in which all locks suddenly stop working, arguing that devices, connections, email, bank accounts, and IoT systems would all require a large-scale transition [45]. He stressed that past experience with deploying security standards has been uneven, with some countries showing very low adoption rates, and said the shift resembles Y2K in that everyone must move in time even without a single fixed deadline [46-58]. He also presented a proposed working group to help organizations understand what deployment would mean in practice and how to justify investment, while calling for participants and funding [59-72].
João Moreno Falcão and Benoît Ampeau added that post-quantum security is both a cryptographic and operational challenge [83-90][97-101]. Ampeau explained that for DNS operators, the issue is preserving interoperability, integrity, and trust at internet scale, noting that DNSSEC remains essential for authenticity and that email authentication and newer privacy mechanisms also depend on trustworthy DNS [102-119]. Falcão said the main tasks ahead are developing cryptographic inventories, prioritizing the most sensitive assets, improving crypto agility, and coordinating deployment across millions of systems [186-198].
Audience interventions emphasized that non-technical businesses and individuals often do not know whom to trust, what “transition” actually means, or how much it will cost [127-129][296-311]. Panelists responded that communication should be non-alarmist but solution-oriented, and that mainstream trusted media, training bodies, providers, and procurement guidance all have roles to play [132-140][221-228][313-320]. Participants also warned that migration could deepen digital divides if countries and sectors move at different speeds, and argued that the process must include ethical, legal, societal, and human-rights considerations rather than being treated as purely technical [203-207][242-266].
By the end, there was broad agreement that Q-Day is not just a technical issue for specialists but a structural, coordinated transition requiring governments, service providers, standards bodies, and other stakeholders to act together [283-291][344-349]. The closing messages highlighted privacy loss as the clearest perceived threat and called for immediate action, greater clarity for organizations, capacity building, and support for secure-by-design deployment [334-349][358-363]. Overall, the session concluded that post-quantum preparedness must begin now through coordinated planning, awareness, and practical migration support [336-349][364-367].
Keypoints
– The discussion centered on the urgency of preparing for a post-quantum world because sufficiently powerful quantum computers could break current public-key cryptography, threatening privacy, authenticity, integrity, banking, communications, and digital trust more broadly. Speakers compared this to all physical locks suddenly failing and stressed that “Q-Day” may arrive unpredictably, while audience input and polling showed privacy loss as the top concern. [16-30][34-40][44-45][52-58][85-90][141-145][151-153][334-336][343]
– A major point was that post-quantum readiness is not just a cryptography problem but a large-scale transition problem affecting infrastructure, protocols, organizations, and the Internet ecosystem. Speakers emphasized that standards alone are insufficient; deployment must cover devices, networks, DNS, TLS, IoT, and operational interoperability, including concrete questions such as whether systems can validate correctly and remain stable during migration. [45][60-66][96-101][104-118][177-183][192-198][313-320]
– Participants repeatedly stressed that the main barrier is adoption, coordination, and communication rather than the mere existence of candidate algorithms. The discussion highlighted the need for inventories of where cryptography is used, prioritization of critical systems, crypto agility, coordinated deployment, and clearer practical guidance for non-technical organizations that do not understand what “transition” actually means or how much it will cost. [25-30][89][132-136][139-140][165-175][186-198][296-310][313-320][323-332][334-348]
– Responsibility for becoming quantum secure was discussed as shared across governments, service providers, standards bodies, businesses, and users, rather than resting on one actor alone. Although a Mentimeter asked who should be responsible, several participants argued for a layered, ecosystem-wide approach involving people, process, technology, ethics, human rights, governance, procurement, and coordination across regions to avoid fragmentation and digital divides. [229-240][242-263][266-271][278-282][283-291][344-349][358-363]
– The group also explored practical next steps: building awareness with trustworthy, non-alarmist messaging; creating roadmaps and capacity-building efforts; improving secure-by-design procurement; qualifying PQC-ready solutions; and prioritizing critical infrastructure. Speakers noted that individuals can make limited choices today by selecting more secure providers and products, but the larger burden falls on institutions and coordinated policy and market action. [130-137][215-228][266-271][348-353]
The overall purpose of the discussion was to assess the risks posed by quantum computing to current digital security, identify the most pressing concerns, and explore how governments, industry, technical communities, and other stakeholders can coordinate a transition toward post-quantum security. [13-18][40][59-66][80-90][229-240][344-348]
The overall tone was serious, urgent, and collaborative. It began with framing and audience engagement, moved into a deliberately alarm-raising description of the risks to underscore urgency, and then shifted into a more constructive, solution-oriented exchange about governance, business adoption, operational challenges, and practical next steps. By the end, the tone was focused on rough consensus and actionable messaging rather than only warning about collapse. [42-45][136][177-198][242-263][350-356][364-367]
Speakers
– Smee Cujic – Moderator/facilitator of the session; introduced the speakers and led the audience interaction.
– João Moreno Falcão – Cybersecurity specialist; Vice Chair of the Dynamic Coalition on Internet Standards, Security and Safety; member of the working group on emerging technologies. Also appeared as a speaker in a report launch on quantum encryption [S2].
– Benoît Ampeau – Director for Partnership and Innovation; Head of Ethic Labs; speaker from the perspective of AFNIC and DNS registry operations; AFNIC representative and member of the IS3C Dynamic Coalition. Also appeared as a speaker in a report launch on quantum encryption [S5].
– On-site participant – Audience participant(s); several different people intervened from the floor, including business, cybersecurity, student, and policy perspectives.
– Frederic Taes – Cybersecurity manager (stated he was speaking in his own name, in his capacity as cybersecurity manager in his day job).
– Wout de Natris – Internet Governance Consultant; Coordinator of the Dynamic Coalition on Internet Standards, Security and Safety Coalition (IS3C/ISSC as stated in session).
– Nicolas Zahn – Participant helping summarize session messages; identified himself as from the Swiss Internet and Digital Governance context.
Additional speakers:
– Aaron Gallagher – Participant of this year’s EuroDIG; audience member asking about what individuals can do.
– Siva – University student; audience participant from a technical background.
– Shamira Ahmed – From TU Delft; audience participant discussing ecosystem-level quantum-safe transition and collaboration with UNESCO.
– Bolo Tife – With the Non-Commercial Stakeholder Group of ICANN; audience participant raising ICANN/root server questions.
– Tirak – Online participant/commenter.
– Tilaka – Mentioned via chat comment regarding upgrading protocols/software and hardware needs.
The session opened by framing post-quantum security as a practical risk to privacy, identity theft, digital signatures, contracts, banking interactions, and other online functions that rely on encryption [16-30]. A Mentimeter poll then asked participants what worried them most in a post-quantum world. Privacy emerged as the leading concern, followed by identity verification, digital signatures and contracts, and the slow adoption of post-quantum-resistant solutions [32-40]. The poll and opening remarks framed the issue as an immediate concern for everyday digital services rather than a purely theoretical future problem [34-40].
Wout de Natris set the tone with a vivid analogy: a capable quantum computer arriving before adequate preparation would be like a world in which physical locks suddenly stopped working [43-45]. He argued that such a development could expose devices, communications, email, bank accounts, cryptocurrencies, IoT systems and other digital assets if migration had not already begun [45]. Because nobody knows when “Q-Day” will arrive or who will reach it first, he said preparation cannot wait [45]. He also pointed to the weak historical record of deploying security standards across the internet, noting that the internet was not originally built with security in mind and that adoption of later protections remains uneven across countries [46-51]. That led him to compare the transition, in one respect, to Y2K: the whole ecosystem needs to move in time, even if there is no universally agreed cut-off date [52-58]. He then introduced a practical proposal for a Dynamic Coalition working group that would focus not on writing new technical standards, but on helping organisations understand and implement existing and emerging ones, including the technical, organisational and managerial barriers involved [59-72].
João Moreno Falcão, joining online from the Brazilian IGF, reinforced the urgency from a cryptographic perspective [73-90]. He explained that while quantum effects already underlie modern computing, the real issue is the growing ability to exploit quantum properties such as superposition to run algorithms in fundamentally new ways [81-84]. Once sufficiently powerful, those capabilities could undermine the public-key infrastructure used across the internet, putting integrity, authenticity, privacy and identity at risk [85-86]. He said the exact timeline remains uncertain, but there are already visible signs of technical progress, and his own research has examined how governments are preparing for that shift [87-90].
Benoît Ampeau, speaking from AFNIC’s perspective as a DNS registry operator, brought the discussion down to infrastructure level [92-102]. He stressed that post-quantum cryptography is not just a matter of selecting stronger algorithms; it is also about maintaining interoperability, operational stability and trust across the DNS ecosystem [96-102]. He asked practical questions about whether zones could still be signed in time, whether resolvers would be able to validate names correctly, and whether systems would remain interoperable during migration [99-102]. He also underlined that transport privacy tools such as DNS over TLS, DNS over HTTPS and DNS over QUIC do not replace DNSSEC’s role in ensuring authenticity and integrity [103-109]. To show how much depends on trustworthy DNS, he pointed to SPF, DKIM and DMARC for email authentication, as well as Encrypted Client Hello (ECH), whose configuration is distributed via DNS [111-119].
A major part of the audience discussion focused on the gap between technical understanding and practical decision-making. One on-site participant from a non-technical business background said that many organisations do not know whom to trust for reliable, non-alarmist guidance [127-129]. De Natris replied that this was the “$64 million question,” and argued that outreach would need to offer workable solutions rather than fear alone, ideally through trusted mainstream publications as well as technical communities [130-136]. Ampeau responded by treating the issue more as a normal IT transition, suggesting that businesses could eventually rely on training providers and qualified organisations to support them once the standards and certification landscape matures [138-140].
Several later interventions sharpened the sense of urgency. A cybersecurity participant cited a recent demonstration in which a small elliptic-curve cryptography instance had been broken with a quantum computer using 70 qubits, describing it as the largest public quantum attack yet shown, while acknowledging it was still far from production-strength cryptography such as Bitcoin’s 256-bit ECC [141-145]. De Natris accepted that technical progress matters, but argued that organisational inertia is often the bigger obstacle because engineers must still persuade CEOs and CFOs to fund migration [146-149]. Moreno Falcão added another sign of acceleration by referring to research co-authored by teams from Google, Berkeley and Stanford that, in his account, recommended migrating cryptocurrency systems to post-quantum cryptography by 2029, earlier than prior US government guidance [151-153]. An online commenter also described the issue as a countdown to Q-Day and urged organisations to migrate proactively using NIST-selected algorithms, while warning against waiting too long [154-160].
One of the clearest analytical moments came when a student participant noted that NIST had already standardized or selected post-quantum algorithms and asked why deployment was still so difficult [162-169]. The same participant also raised the “harvest now, decrypt later” problem and asked what should be done about data already at risk [172-175]. Moreno Falcão responded by distinguishing between the availability of algorithms and the much harder work of embedding them into real-world protocols and systems such as TLS, DNS and cryptocurrencies [177-183]. He then offered one of the clearest implementation frameworks of the session: organisations need cryptographic inventories to identify where cryptography is used, prioritisation to focus limited resources on the most important assets, crypto agility so systems can adopt new algorithms over time, and coordinated deployment so interconnected systems can continue to function securely together [186-198].
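A sketch of the inventory and prioritisation steps described above, as an added example that is not from the session or its speakers. The asset names, fields and scoring weights are hypothetical; the classification assumes only that RSA, Diffie-Hellman and elliptic-curve schemes fall to Shor's algorithm and that ML-KEM, ML-DSA and SLH-DSA are the NIST post-quantum standards (FIPS 203, 204, 205).

```python
"""Cryptographic inventory triage. All inventory data below is constructed."""
from dataclasses import dataclass

# Public-key families whose hardness assumptions fall to Shor's algorithm.
QUANTUM_VULNERABLE = {"RSA", "DH", "ECDH", "ECDSA", "ED25519", "X25519"}
# NIST post-quantum standards: FIPS 203 (ML-KEM), 204 (ML-DSA), 205 (SLH-DSA).
POST_QUANTUM = {"ML-KEM", "ML-DSA", "SLH-DSA"}
# Symmetric and hash primitives: a key-size review, not a replacement.
SYMMETRIC = {"AES", "CHACHA20", "SHA", "HMAC"}
# Uses where traffic recorded today can be decrypted later.
CONFIDENTIALITY_USES = {"key-exchange", "encryption"}


@dataclass(frozen=True)
class Asset:
    name: str
    algorithm: str      # "+" joins the components of a hybrid scheme
    use: str            # "key-exchange", "encryption" or "signature"
    secrecy_years: int  # how long the protected data must stay confidential
    agile: bool         # can the algorithm be swapped by configuration alone?


def _in_family(part, families):
    """True for 'RSA' and 'RSA-2048' alike."""
    return any(part == f or part.startswith(f + "-") for f in families)


def classify(algorithm):
    parts = [p.strip().upper() for p in algorithm.split("+")]
    known = (POST_QUANTUM, QUANTUM_VULNERABLE, SYMMETRIC)
    if any(not any(_in_family(p, fam) for fam in known) for p in parts):
        return "unknown"  # an inventory must surface what it cannot identify
    has_pq = any(_in_family(p, POST_QUANTUM) for p in parts)
    has_vuln = any(_in_family(p, QUANTUM_VULNERABLE) for p in parts)
    if has_pq and has_vuln:
        return "hybrid"
    if has_pq:
        return "post-quantum"
    if has_vuln:
        return "quantum-vulnerable"
    return "symmetric-or-hash"


def score(asset):
    """Return (priority, reason). The weights are illustrative assumptions."""
    kind = classify(asset.algorithm)
    if kind == "quantum-vulnerable" and asset.use in CONFIDENTIALITY_USES:
        # Harvest now, decrypt later: longer secrecy needs raise the priority.
        points = 100 + asset.secrecy_years
        reason = "harvest-now-decrypt-later exposure"
    elif kind == "quantum-vulnerable":
        points = 50
        reason = "signature forgeable once a capable machine exists"
    elif kind == "unknown":
        points = 40
        reason = "unidentified algorithm, needs manual review"
    else:
        return 0, kind
    if not asset.agile:
        # No crypto agility means a longer migration, so start earlier.
        points += 20
        reason += "; not crypto-agile"
    return points, reason


def triage(assets):
    """Highest priority first; ties are broken by asset name."""
    rows = [(a.name, *score(a)) for a in assets]
    return sorted(rows, key=lambda r: (-r[1], r[0]))


# Constructed sample inventory (hypothetical assets).
INVENTORY = [
    Asset("vpn-gateway", "ECDH", "key-exchange", 10, False),
    Asset("public-web-tls", "X25519+ML-KEM", "key-exchange", 1, True),
    Asset("dnssec-zone-signing", "ECDSA", "signature", 0, True),
    Asset("firmware-signing", "RSA", "signature", 0, False),
    Asset("backup-archive", "AES-256", "encryption", 25, True),
    Asset("legacy-hr-portal", "RSA", "key-exchange", 7, True),
    Asset("badge-reader", "PROPRIETARY-X", "encryption", 3, False),
]

if __name__ == "__main__":
    for name, points, reason in triage(INVENTORY):
        print(f"{points:4d}  {name:22s} {reason}")
```
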
The discussion also made clear that “transition” remains opaque for many non-specialists. One participant observed that for households and small businesses, the term says little unless it is translated into concrete implications such as device replacement, provider changes, software upgrades, or major new costs [296-311]. Ampeau linked this concern to the longer-standing concept of crypto agility and suggested that organisations first identify their own dependencies and then ask whether their providers are ready to support migration [313-320]. In some cases, he said, the technical complexity may be absorbed by providers rather than customers [318-320]. Frédéric Taes, however, added a more cautionary note: some migration will require not just software changes but significantly more CPU power and potentially major hardware investment, especially for legacy systems [321-332]. Nicolas Zahn later reinforced the importance of inventories, saying that one of the first steps in security consulting is simply identifying where an organisation uses encryption before deciding what must change [334].
Responsibility and governance formed another major strand of the session. Smee Cujic introduced a second Mentimeter poll, and Frédéric Taes read out the answer options while sharing it, asking where responsibility for becoming quantum secure should lie: governments, service providers, individuals, the broader internet community, or “other” [229-240]. The responses showed little support for placing the burden mainly on individuals; governments, service providers and especially “other” all drew substantial support [232-239]. That result led into a broader debate in which one participant argued that responsibility should not be reduced to blame assigned to a single actor, but understood across layers of people, process and technology [242-255]. The same participant warned that uneven migration could create a new digital divide because countries and communities will not all move at the same pace [250-253].
The governance discussion was widened further by ethical and human-rights concerns. One participant argued that the transition is not only technical and mental but also ethical, urging member states to build on UNESCO’s work to keep privacy and human rights central while pursuing quantum advantage, and pointing to Austria’s initiative as a useful example [203-207]. A separate participant from TU Delft described related work with UNESCO on a safe and responsible quantum transition that includes legal, societal, ethical and regulatory dimensions alongside crypto agility [258-263]. Another audience member suggested that, if resources are limited, critical infrastructure should be prioritised, explicitly naming ICANN and the DNS root because of their systemic importance [266-271]. Ampeau replied that ICANN is clearly engaged through existing fora and standardisation discussions, but he did not present a specific roadmap [273-274]. De Natris then added an example from earlier work on IoT security, saying researchers had identified 442 different governmental approaches or recommendations, some contradictory, and arguing that such fragmentation makes practical progress much harder [277-282]. Moreno Falcão answered the responsibility question by advocating a genuinely shared model involving governments, ICANN, service providers and individuals, while noting that coordination is difficult because each group tends to optimise for its own interests [283-291].
When the discussion turned specifically to ordinary users, an audience member asked what individuals could actually do before Q-Day [211-214]. De Natris answered in limited terms: people can make better choices about providers and products, for example by looking for services with HTTPS, DNS security or more secure IoT protections, but they cannot solve the structural problem on their own [215-228]. The exchange suggested that individual action can help, but that larger institutional actors bear most of the burden [215-228].
In the closing phase, participants moved from diagnosis to rough consensus language. De Natris argued for roadmap development and for capacity-building materials that could help procurement officers favour secure-by-design systems [221-223]. Zahn incorporated this into his closing synthesis, presenting two draft messages: first, that privacy was the dominant concern and Q-Day should no longer be treated as a purely distant scenario; and second, that technical standards alone are insufficient, because organisations also need awareness, resources and clarity about where they currently rely on encryption [334-349]. During the drafting exchange, de Natris objected first to the word “enforce” and then to “promote,” saying the preferred wording should be “stimulate secure-by-design deployment” [350][353]. Ampeau added that, in France, the national cyber security agency is developing a qualification path for PQC-ready solutions that could help organisations identify trustworthy offerings [351-352]. Another participant suggested making education and capacity building a distinct government role rather than hiding it inside procurement language [358-363]. Cujic then reminded the room that the aim was rough consensus rather than perfect wording and that the text could still be refined after the session [355-356].
Overall, the session treated post-quantum security as an urgent but still poorly understood transition. Speakers agreed that quantum computing threatens core internet trust mechanisms, but they also emphasized that the challenge is not limited to cryptography: organizations need inventories, prioritization, crypto agility, deployment planning, budget decisions, and clearer guidance for non-specialists [85-86][96-109][177-198][296-320][321-332]. The discussion also broadened into governance, ethics, procurement, and digital-divide concerns, with broad support for shared responsibility across governments, service providers, technical actors and other stakeholders rather than individuals alone [203-207][229-255][258-291]. The session ended with rough consensus around urgency and shared responsibility, while exact wording on policy roles and procurement language remained open for later refinement [350-367].
the moment anyone presses to speak, it automatically takes over from the current speaker. So be aware of that when trying to speak. Maybe when it comes to the room, same as online, they can raise hand, right? Perfect. So please raise your hand before speaking so you do not interrupt the previous person. As I said, we have our experts here, two in person and one online. And in no particular order, I would like to introduce Benoît Ampeau on my right-hand side. He is the Director for Partnership and Innovation, Head of Ethnic Labs. Then we have Wout De Natris, the following. He is the Internet Governance Consultant and Coordinator of Dynamic Coalition on Internet Standards, Security and Safety Coalition, ISEC.
And we have our speakers. Online. Hi, João. João Moreno, he’s a cybersecurity specialist and vice chair of the Dynamic Coalition on the Internet Standards, Security and Safety, working group on emerging technologies. But before we start, I would like to see what your thoughts are. Can we share the Mentimeter? Okay. So we have a question. What are your most pressing concerns regarding digital security and post-quantum world? It’s using the application Menti. You have the QR code on the right, and you can also go to menti.com and give really the number just there. And there are five options. The first one is the loss of privacy and identity theft. It’s computing, breaks the encryption, protecting all your secrets from a password, a banking personal message.
That’s the first one. The second one is not knowing digital signature, contract, or identity is authentic because encryption is so used to sign contracts, to know that you are talking with your bank, the bank to recognize it is you. That’s the second one. The third one is the organization’s current slow adoptions of quantum computing resistant technology, due to the cost complexity or not knowing, not enough conscious on what needs to be done. And the next one, the fourth one, is only wealthy nations and corporations can afford advanced post-quantum security. That could be one of your concerns. That’s not accessible for, say, poor people, only from rich companies and countries or others. And if there are some others, please select that option, and you will be able to explain here what would be this other.
Yeah. Thank you. I see that we have already 29 answers. And you see it here. This is really the privacy. It’s a much bigger concern currently, but we have also some others. The identities, verification, signatures, and contracts. And authenticity, the slow adoptions of… post-quantum resistance solutions, activations, and others. 31 answers. Still a few seconds to answer. I don’t see more answers, so those are the answers here. I think we have a majority here, but I will let now our speakers tell us their thoughts about it. Wout?
Thank you, Smee. Smee, as I’ve been introduced, I will not do it again, but I do apologize for my voice, which, believe me, is a lot better than a week ago. I want to play a little bit with your mind to start. Just imagine a world in which all locks, all of a sudden, don’t work anymore because of a magical invention. So, of your front door, of your car, of your bank vault, whatever, they don’t work anymore. What would happen with everything you own would be an immediate risk. Got that in your mind? Then we’re going to go to the day the first quantum computer comes online and we have not prepared ourselves as a world to protect our devices, our connections, our email, our bank accounts, our bitcoins, etc. It would be the same situation if you would not be protected by your locks anymore, but only online. So the question then also is, who turns on that first computer?
Is that a benign someone who wants to make the world better, or is it a malignant somebody who wants to attack you immediately? But if it is at a university where all of a sudden somebody has a eureka moment or has made a mistake, why all of a sudden it works and they don’t know how but it works, and that university has been hacked by a criminal gang somewhere in the world that they can’t be reached, and they’ve been hacked for years, so they build everything they know into the machine they have. So that is a situation that we may face. But this is something we can prevent for. But that does mean there has to be a transition of just about everything online. Think of your mobile device, your laptops, but your connections, your IoT devices, your sensors, whatever, they all will need to go into a transition. And that is something we can’t underestimate, because this is not something that one person can decide or two persons decide. It will be a worldwide necessary decision of people who know nothing, nothing about this topic, but will have to be convinced that this is a step they have to invest in and it’s a step that they need to take to protect themselves and to protect the rest of the world and their customers, their own clients, etc.
If you look at the past at internet standards where they had a session next door in the other room an hour ago then the experience is not good. The original internet standards worked like a miracle because they were invented over 40 years ago and they connected the whole world. So it works perfectly except that they’re not secure. They were not made to be secure because there was no necessity to make them secure. The technical world came up with new standards. If you look at deployments and figures in the world depending on where you live it could be even, for example, DNS security less than 4% of a country, while others perhaps reach 50 or 60 percent. So that is something that needs to change.
And although in the previous session someone said Y2K, the moment of the millennium bug, is not a good example, I do think it is. For this reason, everybody has to move around the same time. Yes, the difference is there is no single date. We can’t say 1st of January 2000 it needs to be done. But we do know it has to be done by 2029 or 2033, whatever. So in that sense it is about motivating people. There’s coming a day that you need to transition otherwise you’ll be too late, because not doing it means you lose everything. And then I come to my own dynamic coalition, and João will tell more about it, and Benoît has been working closely with us also because he strongly believes in it.
What we will try to do… is start expert working that is going to look into the topic from several angles. So not create any standards because that’s done elsewhere. But what does it mean when the standard is there? What does it mean for an organization that needs to deploy it? What will they run into physically and technically to actually deploy? How do you convince your boss that this is something he needs to finance because otherwise there will be an issue with his company later? So that’s the sort of topics that we want to address in that working group. We have the experts. We have people who are technically very feasible to be able to professionally assist the volunteers.
And we have me doing the coordination and organizing everything. But we do need parties who want to join it. And we do need parties who are able to finance the professionals. So that’s the invitation that we can discuss perhaps later. But that’s also where I’m going to stop my story now, because I think the issue is quite clear. And put that thing about the keys and locks that don’t work anymore in your mind as an example. Perhaps convince or discuss it to others. Thank you.
My turn? Yeah. Okay. Hello, everyone. Greetings from the Brazilian IGF. So I want to bring here in this first moment what we are seeing that we know it will change and how it relates to our fears and what you already strongly showed. So quantum computers, like quantum physics is a… reality. Every single computer only runs because we studied and we know quantum phenomena enough to make the computer work. But for the first time, we are being able to use quantum features to run algorithms. So when we are capable of using, for example, superposition inside a computer, we can expand a lot on what we can do. And this means that we can attack the public key infrastructure that we have now.
And this breaks integrity, this breaks authenticity, and with this, we know for a fact that privacy is at risk when this powerful enough quantum computer appears. And as Wout said, we don’t know yet when it will happen, but we already know about Simplify, the text being executed in the quantum computers we have now, and we know that this will expand in the future. So, this systemic attack needs to be tackled. And what we did, me as an IS3C researcher, was to look after what governments were doing and how they were tackling the change, because we need to improve the systems, we need to make them safe for when this new quantum computer comes, because it will put at risk our privacy and identity, because with this kind of computer, we can undermine the securities that we have now.
And I’m pretty happy that everyone sees this way, the quantum risk, and I would love to hear more about what you have to say. Thank you.
So I won’t add a lot, but we are, as AFNIC, a very proud member of the IS3C Dynamic Coalition. Now I will speak, and we will maybe dive into the infrastructure layer. So I speak here from the… a DNS registry operator perspective, running .fr, but also French overseas territories, but also other ccTLDs and gTLDs. So my job and the job of my colleagues is to keep and contribute to an Internet which is open, secure, and stable. That being said, for AFNIC, the question is not only to choose, but how to preserve this interoperability and stability and trust at the DNS scale. So post-quantum cryptography is not just only a crypto topic. It’s also a very concrete operational topic.
As an example, so we operate a critical registry service at Internet scale, so the operational questions are very concrete. Can we sign zones in time? Can resolvers validate DNS names correctly? Or can services remain interoperable during the transition? So with that framing in mind, the question is simple. Why does encryption matter in the everyday Internet people users? Encryption is now a condition for trusting everyday digital services. We already have DNS privacy and security improvements. I can quote and state DNS over TLS, DNS over HTTPS, or DNS over QUIC, but they mainly protect confidentiality on the transportation layer. It’s important and complementary to authenticity and integrity. That is why DNSSEC remains essential, because it lets resolvers verify that DNS data really comes from the right source and has not been hacked, changed, tampered with during the transit.
Let’s give me also some two examples. You might know SPF, DKIM and DMARC. These are email authentication standards that help verify whether a message really comes from the domain it claims to come from, improve deliverability and better handle incoming messages policy on the recipient’s side. They use, they rely on the DNS. ECH, it’s a newer privacy mechanism for TLS that hides more of the secure session setup, but its configuration is distributed through DNS. So weak DNS authenticity can still put the ECH negotiation setup at risk. So encryption protects trust in daily internet services, not only secrecy. DNSSEC gives authenticity and integrity. So it becomes even more important when we look at the quantum risk.
Thank you.
Thank you very much. I would like to open the floor for audience at this point. Are there any interventions? First, let’s see in the room. Okay, is there anyone online? No, not seeing. So hearing that people are very much concerned about their data and seeing how actually comprehensive an impact of having a quantum computer that can break the encryption matters, what can we really do about it at this point? Is there something that we can start with? Just a moment, I see a hand. Yes, go. Does it work?
Well, I just admit I’m not from the tech community, I’m from the EuroDIG board, and what I see, well, I’m coming from the business side, and businesses, not tech business, and just normal businesses, and they don’t know whom to ask. If they ask the big universities, of course you end up with some nerds. If they ask some NGOs, it is just hell and doom. If they ask whoever... So who should actually ring the bell in a meaningful way? Meaningful, I mean just as if reading Financial Times. Is it Financial Times? Financial Times, that should go to media, trustworthy media. Who should tell it? So while I fully understand we have discussions about it, but actually from talking to you, it’s not the same as if I read it in the Financial Times.
I think that is the $64 million question, to paraphrase Groucho Marx. But I haven’t got the answer yet, because where do you literally start? I think that is by having the right sort of information that is not only alarmist, but also proactive toward a solution. And with that message, you have to start doing the right outreach. And that would mean talking to people that you’ve already… already invited into the process at some period, so that they understand what it is about. But in the end, you arrive… an organization like the Financial Times or the Economist or that sort of trustworthy papers should be starting to address the topic from a non-alarmist point of view.
And I’ve been alarmist here deliberately to set the stage, but that is not the way you convince somebody because they will probably run away saying this is too difficult. Perhaps João or Benoit, you have another answer to get on
Maybe a piece of the answer. Assuming that you are considering that this is a technical transition you need to do, as any technical transition you need to make for your business to run, from the server side, software side, whatever. So you, I’m sure, you have training, certified organizations close to you that could deliver and help you also to have this approach, having, like, being prepared: how to transition, and how can I set up the services once the standardization will be mature enough, so forth and so on. So I think this is also a way to look at the thing. So about awareness, it’s a thing, but also considering that it’s a technical transition we have to do. And I’ll follow up again.
I’m a cyber security professional, I’m from the technical community. Just last month a researcher cracked a 15-bit ECC using a quantum computer with only 70 qubits. While that’s far smaller than the, it’s a 256-bit ECC protecting Bitcoin today, it’s the largest public quantum attack ever demonstrated. It shows that the Q-Day isn’t a distant theory. It’s already unfolding in real time. If such breakthroughs keep accelerating, our privacy and financial system could be exposed much sooner than expected. Thank you.
I’m talking about a technical transition. But quite often, the transition is not just technical. It’s about convincing the right people that we need to make the technical transition. Because quite often, you hear that… technicians have been trained to do the transition to DNS security, for example, but then they have to explain it to the CEO or CFO, and he just asks, what does it cost me, and that’s not what we’re going to do today. So in other words, it’s not a technical transition, it’s also a mind transition of people have an understanding that they need to act now, because otherwise they may lose a lot. And I think that that is where the disorder discussions on a higher level at some points will help us.
Just a moment, João.
Okay, thank you. I read today an article co-authored by Google, a researcher from Berkeley and one from Stanford, saying that envision attackers much sooner than they were thinking before. So they did research focused on cryptocurrency, as Talaika mentioned, and they said that they advised everyone to migrate to post-quantum cryptography at most in 2029. So advancing seven years than what the U.S. government created in their guidance documents. Thank you.
We have intervention.
Hello. All right, great. So thank you for your attention. My name is Siva. I’m a university student. I was two years ago. I come from a technical background, although I’m not an expert in any shape or manner. So my question is, first of all, unless I’m mistaken, I think there exists complete cryptographic suite. It came out from NIST tournament, let’s say. So we do have post-quantum tools. So as it’s been mentioned, it’s mostly an adoption problem. So my question would be, what are the major obstacles between adoption and our current situation? Of course, economic burden will be one of them. But since the problem is so major, one wouldn’t imagine that we’d have such difficulties.
And especially I’d like to hear the business side, since we have a very diverse array of points of view here. And the second question. It’s maybe a bit more technical, but there is surface level. What should we do with the data that’s already been exposed? I’m talking about a collect and decrypt later strategy with, for instance, a malicious agent who stores encrypted communications that are vulnerable to quantum computers. Maybe should there be laws that force companies to change credentials? What are proposed mechanisms against this sort of scenario? Thank you very much.
Yeah, thank you. So the first thing, I will use a slightly different vocabulary just to differentiate two things. What NIST created are cryptographic algorithms and they sign it saying, okay, this is trustworthy. But what we need to develop are cryptography protocols, so the security protocols, because we know that this algorithm is here and can be used, but how can we translate this to the tools that we use on a daily basis? So what this means that RSA is essential, it’s everywhere, and it’s vulnerable against quantum computers. And this is used in TLS, this is used in DNS. Elliptic curves are used in Bitcoin and they are vulnerable too. So we need to translate these trustworthy algorithms into secure protocols.
And the second part that you pointed is something that we really want to discuss here on what should we do. And I picture my answer for this into four topics. And this is also in our report when we are advising on the next steps. The first one is that we need to develop cryptographic inventories. What this means? We need to understand where cryptography is used and using which algorithm. So in this way we know what needs to be done to change to be resilient against a quantum computer attack. The second part, we need to prioritize because, you know, resources are limited. And first, we need to protect what is most dear to us. The third one is crypto agility.
And this is another jargon that means how can we use the protocols we have, the security protocols we have, to implement and to use new crypto systems inside them. So TLS used to have Triple DES in their structure. It’s not secure anymore, so it’s been dropped by like 99.99% of the places using TLS. But… Now we use elliptic curves, we use RSA, and we need to go further and implement new… not we as IS3C, but we as the society. We need to define how we are going to change the protocols and then move towards that. And of course, we need… a coordinated deployment, because we are speaking of thousands, millions of devices all around the world talking the same language, and we need to keep that, and like without allowing places to be vulnerable that can undermine the whole structure of the internet.
Thank you very much João. We have intervention in the room. Yeah just press one more. Okay yeah great yeah
I would like to circle back to the point of technical transition not being only technical one but also a mind transition and I would also add ethical transition to that and the great example is UNESCO’s commerce work, which kind of outlines that protecting privacy and human rights remains a central priority as countries and member states pursue quantum advantage. So that would be the first point. And then the second point, I think that research and human rights and security always need to work hand in hand. And a great example is a Quantum Austria initiative where they have funding and support to boost research and innovation. And to wrap this up, I think that member states should build upon the legacy of UNESCO’s work and maybe also try to follow Austria’s example.
Thank you.
No additional interventions? No, perfect. Oh. Thank you.
Hi, excuse me. My name is Aaron Gallagher and I’m a participant of this year’s YOUthDIG. And I just have a question for the panel, as I don’t come from a very technical background myself. And I suppose my question really revolves around, are there any steps that we as individuals, as opposed to society, can take, I suppose, in preparation for Q-Day? Thank you.
Thank you. That where large corporations and governments are concerned, things are different. One organization may offer a service provider or IoT device maker or whatever. They provide a lot of security and others don’t. When you procure, if you don’t procure your ICTs secure by design, you buy off the shelf. And that means you’re handing yourself over and all your data over to whoever. You don’t even know if it’s secure or not. So if governments, and that is, I think, one of the outcomes of the project that I was mentioning that we want to start, is a sort of roadmap saying what sort of solutions there are available for you. And one would be a capacity building program for procurement officers saying you need to procure security by design and make sure that there’s enough examples in that document that they can actually start using it.
And that would mean as an individual, that if you want to look at your service provider today, then perhaps you could see that they don’t offer DNS security to you or they don’t even, the HTTPS, for example, that is not even included with some, that still happens. That means that you have the opportunity to move elsewhere. But you have to check what the level of security it is they’re offering you. When you’re buying IoT devices, perhaps you can check the list saying, is there any security in place so that not everybody can access that baby camera that you want to install in your room and that it’s closed. So that’s the sort of thing you can do as an individual, but not in the greater scheme of things.
And that’s where governments and larger corporations have to start giving the right example.
So just, I’ve noticed there’s another comment, but for the sake of the… having the session happening on time I would like just to do the second Mentimeter that builds perfectly on this one and it is about the responsibility where it should lie.
Thank you, Smee. So the responsibility of being quantum secure should be with governments, that’s the first option; with service providers, second possibility; individuals, that would be the third option; or the internet community in general, with IETF, in particular, Internet Society, ICANN, other stakeholder organism; or other, and if you choose other, please elaborate afterwards which other stakeholder should take it. Do you see here? No, you don’t see? Okay, so I need to share again. Yeah, I see. I share my screen, I will share again. Okay, and authorize, okay, and this, this, okay, this one here, this one. Okay, you can see it. Okay, so that’s the same code again on menti.com. You have the QR code, and you have the responsibility of being quantum secure through with government, service providers, individuals, internet community or other, and I see that there are some others, and even a majority, so you please elaborate afterwards. If you are in the room or online, please raise your hands to explain who should act. Thank you. So we have 14 answers. We should have more. I see that service provider now is growing. Governments, you can also select the different ones, but I see that individuals looks to be really the…
How to say that? With no option and no action to take. Just what we have discussed before. Yeah, see even now a majority of other. So not governments, not service providers. Few for individuals and internet community. So if we have someone in the room maybe to start and to share what the others could be. For people having answered other.
So I was just wondering instead of asking the question or just pointing fingers like who is going to be responsible. Maybe we could say… Think about in layers like people, process and technology. You mentioned procurements. And this is talking about debates, technology standards, supply chain developments, and then people, whether we are as citizens in different organizations, stakeholders, and, of course, as human rights perspective, and how we are responsible from beginning. I mean, cyber hygiene is different on different level and digital literacy in different countries. And you mentioned transition. It is a process and it is a kind of a roadmap. And the roadmap would be different in different countries and region. And I’m afraid if there is a transition, then we need to, I’m kind of thinking ahead, is this going to be, again, some kind of digital divide if we’re not ready at the same time to go from point A to point B?
in a same way, and it’s not going to be the same way. That’s definitely, we’re all in a different path for this. It’s kind of tricky, but maybe if we discuss it on layers, different layers, it’s going to be easier for the country to make plans, action plans. And if we talk about citizens layers, then how do we prepare this? If we talk about who’s responsible? Otherwise, this kind of question, who is responsible, is just pointing fingers and saying, getting rid of the accountability, and I think we’re all in it together. My name is Shamira Ahmed. I’m from TU Delft. And just to add on to what the… former speaker highlighted, it is a joint collaboration.
And actually, we’re working on this with UNESCO on an ecosystem perspective on how to advance responsible and safe quantum transitions. And we have a session at RISIS. If you’re going to be there, please join us as part of the workshop as we collaborate on creating an ecosystem-level quantum safe transition, focusing on the ethical, legal, societal, and regulatory aspects of a quantum safe transition beyond crypto agility and other limitations other people have mentioned. It’s not only a technical transition. It’s a mental, ethical governance, so on and so forth. Thank you. Just one sentence. To be honest, the greatest technological advancement and transition, the fastest one, happened during pandemics, right? So… So we have another comment online. Tirak says: we often hear cybersecurity discussions begin with warnings of collapse, but with quantum computing this is not another warning, it is a countdown to Q-Day, and the only real safeguard is proactive migration to post-quantum cryptography. NIST has already finalized Kyber, Dilithium and SPHINCS+, and if organizations wait until 2013, the encrypted data being harvested today could be decrypted tomorrow. The time to act is now. Hi everyone, my name is Bolo Tife and I’m with the non-commercial stakeholder group of ICANN. From my perspective, I think if there are limited resources for such a migration, I would propose a risk-based approach, which means prioritizing critical infrastructures.
And so I have an intervention and I also have a question. I believe ICANN on its own is a critical infrastructure that affects everyone, considering that they manage the root servers for the domain name system. So my question would be also to the speaker from the ESSA. What are the steps that are being taken from ICANN’s perspective to protect the root servers and the entire domain name system as a critical infrastructure? Which… Which I think should be prioritized. Thank you.
I might not have the correct answer, but I know it’s a topic for ICANN in the sense that they are looking and participating to different fora in addition to ICANN meetings and also proactive in standardization as well. So it’s a technical topic they are following for sure and they are even engaged in it, but I don’t have an exact roadmap from them as far as I’m concerned.
Sorry again, my horse. I would still like to respond to the ladies over there that give you an example. João worked with a colleague of his from Uruguay, Nicolas, on an IoT report and we were asked by Microsoft to compare legislation or roadmaps or whatever governments produced on IoT. And they’ve cataloged them and they came up with 442 different approaches, recommendations, whatever you want to call them, of which some were 100% contradictory. So if industry has to work with 442 recommendations, nothing is going to happen. So with the roadmap that we hope to be able to make is to give a head start in this discussion so that not everybody starts inventing the wheel, except that it is important that governments do join at some point this discussion, because otherwise they will probably ignore it when it’s published.
And João, I think that you may be able to respond to the digital divide that we also recognize in the
Hi, yeah, so I think we have a... on what we think about this, who should bear the responsibility of being, of making society quantum secure, when we brought this discussion to EuroDIG, right, the place where we can find all stakeholders in Europe. And I think our answer to that comes from this. So we know that ICANN have an important role coordinating, we know that the governments, as we researched, have an essential role, the service providers too. Individuals, I have an example myself of this, because in the past, when I was like a teenager, I wanted to encrypt data in my hard drive. But almost none of the providers had that functionality embedded in their systems.
So I had to like search the internet, find a specific software to do that. And this is hard, but this also helps to set the standard. And when we talk about coordination, we know how hard it is. We know that everyone wants to do the best for their groups. And this is why we need to discuss this in this kind of forum. Because the contradictory parts need to be tackled on before implementing. This is the solution. And… Yeah, I think that’s it. Thank you very much.
We have had one intervention in the room.
Yes, thank you. Just coming back to what the earlier side said about the transition, I’ve also put it in the chat. The transition for non-technicians is a totally opaque thing. Okay. So it’s a totally, totally un-understandable thing. What means transition? Is it costly? Does it mean I just have to open all data and save it like from PDF to JPEG or vice versa? Is it something like I have to just buy new equipment fully? Do I have to change my provider? So as long as… Just the ones who should transition have no clue what transition would mean. They don’t start thinking about it, and there is no budget nowhere. It’s not in the private household, the budget for that.
Nobody is going to save for the new Q-safe iPhone if one doesn’t know about it. On the small businesses, they don’t know anything. You are not having budget for having consultants, so I think it should start there. There, bringing in some very low-floor knowledge about what transition would mean. People are not against, but they have no clue.
So, tricky question. So, transition, if I’m talking about infrastructure layer, we are managing its infrastructure. Typically what we call the crypto agility, and it’s not a new concept. It’s like 11 years ago, there were, I don’t even remember the RFC, but it was like, let me just check, RFC 7696, also known as Best Current Practice 201, Guidelines for Cryptographic Algorithm Agility and Selecting Mandatory-to-Implement Algorithms. So basically, and we are also now the same for PQC, DNS PQC, PQC for engineers. So from the standardization technical part, it’s about being agile in doing the transition from the technical layer. Then when you are running a business, if you are running a business on the internet, were you looking at some funds to switch from HTTP to HTTPS, or were you relying on your providers, to ask your provider, okay, I would like you to host my website in a secure manner and giving some secure communication between the end users and the providers.
So it’s more or less the same. So I understand food is a question, and there is a lot to raise, but the question is like you would need to look at your business. What are the threats and what are the concerned parts of the business who need to rely on PQC? And now you would start, since you have the inventory, start maybe also put some costs. Maybe it could cost nothing because you have providers that are ready in doing this transition, and the provider will provide you the PQC algorithm you need to protect your business. This is a mix between look at what you need and what to keep your business secure. And after, I think the cost is a shared cost between the business providers and all the stakeholders of this trust chain.
Yeah, Frederic Stas speaking. I speak on my own, but in my quality of cybersecurity manager during my day life. And I observe that already today, even with the classical encryption, you have some parts really not protected at all. And there was a good comment in the chat from Tilaka. It means upgrading protocols and software. Yes, that’s true, but that’s not sufficient. You need sometimes to have more powerful hardware with more CPU power, et cetera. And so it means sometimes really huge investments in terms of hardware and not only just upgrading the software. It’s like you have a very old computer and you need, you come with new software. It will just not work. So that’s huge investments behind.
Thank you.
Before we come to the messages, a very, very short remark. Nicolas Zahn from the Swiss internet and digital governance. I guess just building on your last point, that’s also why one of the first steps that you see in quantum security or cyber security consulting is to start with the inventory, because organizations first need to understand where they are currently using encryption so that they can understand where they potentially need to change something to move towards the post-quantum world. But in terms of the discussions that we’ve seen, I have two major messages prepared. The first deals with the question of why does this matter and what specifically do we see as the biggest potential issue, and there the Mentimeter showed that loss of privacy is seen as the most pressing concern regarding digital security and the post-quantum world.
Q-Day is not a far-distant threat, but already a partial reality, as first successful breaks of encryption using quantum computers have shown. And since the post-quantum world affects almost every aspect of digital life we need to prepare today, or rather even yesterday, I’ve also noted down, given the back and forth on the lack of clarity on what it is that is expected by organizations, that organizations, public and private, need more clarity on what is needed and where they currently use encryption.
Otherwise you can share. I don’t have the right to share my screen again, but if you give me the rights, I can show the screen.
Okay, here we go. It’s a bit small. That’s better. Perfect. So, as you can see, the first message deals with the question of why this is a topic of relevance and what the timeline looks like, and what we see as the biggest issue, the biggest issue being the loss of privacy. The second message then deals with the next logical step saying what should we be doing about this, what can be done and who should be doing it. There I noted down from the discussion that technical standards are only part of the answer. We also need awareness and resources to help organizations with the deployment of these new standards. And we also noted in the discussion that Q-Day is a structural issue that needs coordinated actions and cannot be addressed on the individual level, something that the Mentimeter showed.
Just to give an example, I’m adding the point on the potential element in a government roadmap could be capacity building for procurement officers to enforce procurement of secure by design systems. And in terms of responsibility, the survey shows that the participants are split between governments and service providers. I know that others got an equal amount or almost as high amount of… votes, but at least for me it was not clear from the discussion what this now refers to, so I’m happy to add more specific content there in the message.
If I can comment, I would not use the word enforce, because procurement is in the end voluntary something, because you can either decide to join it or say, but I’m not going to offer that, so I’m not going to give an offer. So the word that I would use is probably stimulate: stimulate security by design deployment.
I was just thinking about, for instance, in France the National Security Agency by next year they will propose a way to qualify for PQC-ready solutions, so it could help. So it’s something that capacity building in promoting or qualifying secure by design solutions, for instance.
It’s not promote either, because you don’t promote in a procurement process. So I would say the stimulation of secure by design deployment.
I just need to remind everyone that we need to work on a rough consensus, meaning it’s not about details. If there is any very strong disagreement, we still have, I think, a week to polish it out. So I want to give the word.
I just suggest a very minor thing. It is a potential government role. It could be capacity building. So capacity building and education, I would suggest we take it as a third bullet. So take it out since this is not really fitting there or could be emphasized in putting it on the three. And as a final comment that we have to start now because tomorrow might be too late to make it explicit.
So again, unless there’s a really, really strong disagreement, we need to end the session since I’ve been informed that the plenary is waiting for us. Okay. Thank you very much for everyone’s participation. Thank you. Thank you. Thank you.
“The session framed post-quantum security as a practical risk to privacy, identity, banking, contracts, and other everyday digital services rather than a purely theoretical future issue.”
This framing is consistent with the knowledge base, which describes quantum computing as a growing cybersecurity concern and highlights immediate implications for existing encryption and digital services, including the risk that current encrypted data can be harvested now and decrypted later [S60].
“Wout de Natris argued that if a capable quantum computer arrives before preparation is complete, devices, communications, bank accounts, cryptocurrencies, IoT systems and other digital assets could be exposed.”
The knowledge base supports this general claim by stating that quantum computers could break today’s cryptographic methods using algorithms like Shor’s and Grover’s, affecting current encryption standards and creating immediate risks such as ‘harvest now, decrypt later’ attacks [S50] and [S60].
“Because nobody knows when ‘Q-Day’ will arrive or who will reach it first, preparation cannot wait.”
The uncertainty and urgency around ‘Q-Day’ are corroborated in the knowledge base, which notes both that the timeline for cryptographically relevant quantum computers is uncertain and that speakers emphasized the need to prepare before ‘the so-called quantum day’ [S21] and [S60].
“Wout de Natris compared the post-quantum transition in one respect to Y2K, saying the whole ecosystem needs to move in time even without a universally agreed cut-off date.”
This comparison is directly reflected in the knowledge base summary of the IGF report launch, which says Wout de Natris drew parallels to the millennium bug and emphasized the compressed timeline for post-quantum migration [S2].
“He proposed a Dynamic Coalition working group focused not on writing new technical standards, but on helping organisations understand and implement existing and emerging ones, including technical, organisational and managerial barriers.”
The knowledge base aligns with this description of IS3C’s mission: it emphasizes deployment of existing security-related internet standards, highlights implementation and compliance challenges, and notes that adoption barriers are not only technical but also political, economic, and organisational [S74].
“João Moreno Falcão explained that sufficiently powerful quantum computing could undermine the public-key infrastructure used across the internet, putting integrity, authenticity, privacy and identity at risk.”
This is supported by the knowledge base, which states that cryptographically relevant quantum computers could break currently valid encryption including RSA and that quantum computing threatens existing cryptographic methods and broader cybersecurity frameworks [S60] and [S50].
“He said the exact timeline remains uncertain, but there are already visible signs of technical progress.”
The knowledge base adds useful nuance: it stresses that prediction is highly uncertain, with experts cautioning that no one knows where quantum computing stands on the path to practical cryptographic impact, while also documenting recent hardware milestones such as Google’s 105-qubit Willow processor demonstrating strong quantum advantage on a benchmark task [S21] and [S66].
“Benoît Ampeau stressed that post-quantum cryptography is not just about choosing stronger algorithms, but also about preserving interoperability, operational stability and trust across the DNS ecosystem.”
The knowledge base provides supporting context on why DNS operators would focus on these issues: DNS is identified as a foundational internet standard, and the broader post-quantum transition is described as involving implementation and coordination challenges beyond algorithm selection alone, including system upgrades, interoperability, and ecosystem-wide migration planning [S74] and [S50].
The discussion showed strong consensus that quantum computing presents a serious threat to current cryptographic systems, with privacy identified as the most immediate concern, and that preparation must begin now rather than after fully capable quantum computers arrive [34-40][44-45][53-58][81-89][141-145][334-347]. There was also broad agreement that the challenge is not only technical but organizational, economic, educational, and governance-related [138-140][146-149][177-198][296-311][323-332][358-363].
High consensus on the nature of the threat and on the need for early action. This implies that the debate has largely moved beyond whether the issue is real and toward how to organize migration, build capacity, and coordinate actors.
The discussion showed broad agreement on the seriousness of the post-quantum threat, the need to start preparing now, and the importance of coordination, inventories, and capacity building. Most disagreements concerned governance framing, communication strategy, implementation emphasis, and wording of recommended actions rather than the underlying need for transition [125][177-198][221-223][334-348].
Low to moderate. The speakers were largely aligned on the goal of post-quantum preparedness, but they differed on who should lead, how strongly to present urgency, whether the core barrier is technical or organizational, and how recommendations should be phrased. These differences imply that the main challenge is not establishing that action is needed, but producing a governance and communication model that is understandable, politically acceptable, and operationally useful [242-263][296-311][350-355].
The key comments shaped the discussion by moving it through several distinct phases. Wout de Natris’s opening analogy established urgency and made the issue legible to both technical and non-technical audiences. Audience interventions then shifted the conversation from abstract risk to practical questions: who communicates this to businesses, how real the threat timeline is, what obstacles stand in the way of adoption, and what ‘transition’ actually means. João Moreno Falcão’s distinction between algorithms and protocols, and his four-part framework for inventories, prioritization, crypto agility, and coordinated deployment, gave the discussion analytical structure and a path toward action. Later interventions broadened the scope further by adding ethical, human-rights, ecosystem, and digital-divide perspectives, while Wout’s example of 442 conflicting approaches highlighted the governance problem of fragmentation. Finally, comments about opacity, cost, and hardware requirements grounded the discussion in operational reality. Overall, these comments transformed the session from a warning about post-quantum risk into a more mature multi-layered conversation about communication, governance, coordination, equity, and implementation.
Disclaimer: This is not an official session record. DiploAI generates these resources from audiovisual recordings, and they are presented as-is, including potential errors. Due to logistical challenges, such as discrepancies in audio/video or transcripts, names may be misspelled. We strive for accuracy to the best of our ability.