Fancy cryptography in the wild 🎩

Curated list of deployments of fancy cryptography.

A secondary goal of this list is to provide cryptographers with a list of schemes that still need to be upgraded to post-quantum cryptography.

💫 Contributions welcome

Large-scale mainstream deployments

• Signal private group system.
  Key-verification anonymous credentials.
  Reading: blog. Fully PQ: 😔.

• Apple Homekit device enrollment
  PAKE (SRP).
  Reading: documentation. Fully PQ: 😔.

• Apple Keychain key escrow
  PAKE (SRP), threshold cryptography? ("majority of HSMs agrees").
  Reading: documentation. Fully PQ: 😔.

• Apple Carkey
  PAKE (SPAKE2+).
  Reading: documentation. Fully PQ: 😔.

• Apple Private Relay.
  Blind signatures for anonymous tokens.
  Reading: overview. Fully PQ: 😔.

• Apple Private Cloud Compute.
  Blind signatures for anonymous tokens.
  Reading: blog. Fully PQ: 😔.

• WhatsApp encrypted backups.
  OPAQUE for backup key retrieval from PIN.
  Reading: presentation, Meta whitepaper, Academic paper, audit. Fully PQ: 😔.

• Chrome compromised passwords check.
  Private Set Intersection.
  Reading: blog. Fully PQ: 😔.

• Cloudflare Geo Key Manager.
  Attribute/Identity-based encryption.
  Reading: blog. Fully PQ: 😔.

• (...)

Web3 / Blockchain

• ZCash
  Reading: TBD. Fully PQ: 😔.

• (...)

Growing or niche

• IACR voting
  Reading: Helios. Fully PQ: TBD.

• (...)

See also

• IETF PQUIP working group's "state of protocols and PQC"