Significant attack on post-quantum KEM Kyber published before Nov 2026

Resolves Yes if, before November 2026, an attack (by quantum or conventional computer) on the Key Encapsulation Mechanism Kyber (1) is published (preprint, journal article or conference proceeding) that leads to NIST dropping the algorithm from its post-quantum standard or discouraging its use; or, alternatively, if multiple recognized/leading cryptographers recommend against its use.

This algorithm is notably used in Signal (2) and in downstream adopters of the Signal protocol (though it is coupled with an elliptic-curve key exchange, such that attacks on both are necessary for key interception).

I reserve the right to discuss in the comments, temporarily halt trading, and possibly even resolve N/A on ambiguity. Suggestions and comments on the resolution criteria are welcome if made well in advance of the resolving event.

(1) https://en.m.wikipedia.org/wiki/Kyber

(2) https://signal.org/blog/pqxdh/
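The parenthetical above is the security argument behind Signal's hybrid design: the session key is derived from the elliptic-curve shared secret(s) and the Kyber shared secret together, so an adversary has to recover both to obtain the key. The block below is an added illustration of that combiner structure, not code from the market, from Signal, or from the PQXDH specification; it implements RFC 5869 HKDF-SHA256 from the Python standard library and feeds it the concatenation of the two shared secrets, in the spirit of PQXDH (which concatenates its DH outputs and the KEM shared secret as HKDF input keying material). The two 32-byte secrets, the zero salt and the info string are constructed stand-ins for real X25519 and Kyber outputs; no real key exchange is performed.

```python
"""Added example: why a hybrid (ECDH + KEM) combiner needs BOTH secrets to be broken.

Stand-ins: the two shared secrets are random bytes, not real X25519 / Kyber outputs.
"""
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 HKDF-Extract: PRK = HMAC(salt, IKM). An empty salt means HashLen zero bytes."""
    if not salt:
        salt = bytes(HASH_LEN)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand: T(i) = HMAC(PRK, T(i-1) || info || i), truncated to `length`."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested output too long for HKDF")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


# Constructed label; a real protocol uses an application-specific info string.
INFO = b"example-hybrid-x25519-kyber"


def hybrid_session_key(ss_ec: bytes, ss_kem: bytes) -> bytes:
    """Concatenate-then-KDF combiner: both secrets are part of the IKM, so the
    output depends on each of them. Zero-filled salt, as PQXDH uses."""
    return hkdf(bytes(HASH_LEN), ss_ec + ss_kem, INFO, 32)


def attacker_key_guess(ss_ec: bytes, guessed_kem: bytes) -> bytes:
    """Model an adversary who has fully broken the elliptic-curve exchange (knows ss_ec)
    but not the KEM: the best it can do is run the combiner with a guess for ss_kem."""
    return hybrid_session_key(ss_ec, guessed_kem)


def demo() -> dict:
    """Run one honest derivation and two single-component compromises; return the facts."""
    ss_ec = secrets.token_bytes(32)   # constructed stand-in for an X25519 shared secret
    ss_kem = secrets.token_bytes(32)  # constructed stand-in for a Kyber shared secret
    true_key = hybrid_session_key(ss_ec, ss_kem)

    # Adversary knows ss_ec (EC broken) but must guess ss_kem; a wrong guess gives a wrong key.
    ec_only = attacker_key_guess(ss_ec, secrets.token_bytes(32))
    # Symmetric case: adversary knows ss_kem (Kyber broken) but not ss_ec.
    kem_only = hybrid_session_key(secrets.token_bytes(32), ss_kem)

    return {
        "key_len": len(true_key),
        "deterministic": hybrid_session_key(ss_ec, ss_kem) == true_key,
        "ec_break_alone_suffices": ec_only == true_key,
        "kem_break_alone_suffices": kem_only == true_key,
        "both_needed": hybrid_session_key(ss_ec, ss_kem) == true_key
        and ec_only != true_key
        and kem_only != true_key,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of the combiner is that the KDF input contains both secrets, so the derived key is as hard to recover as the harder of the two exchanges; an adversary who has broken only X25519 or only Kyber is left guessing a 256-bit value. This is also why the market description notes that a break of Kyber alone does not expose Signal sessions. The HKDF functions here can be checked against the RFC 5869 test vectors.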


Paper that claims to break Ring-LWE on a quantum computer: https://eprint.iacr.org/2024/555.pdf

Relevant passage:

If an attack on the ML-KEM-512 parameter set is published (for example), leading to its retraction, but the other parameter sets remain secure/recommended, would that still be a No?

@Retr0id That would most definitely resolve Yes

if multiple recognized/leading cryptographers recommend against its use.

Can we discount DJB from this?

@Retr0id I'm not up to date on drama, regrettably. I specified "multiple" exactly because people might hold different opinions on who is a credible expert.
