
feat: Document post-quantum threat models across cryptographic primitives #76

@Meyanis95

Background

As quantum computing advances, many cryptographic primitives currently used in privacy-preserving protocols face potential vulnerabilities. We need to incrementally document post-quantum (PQ) threats across the iptf-map knowledge base to help institutions understand the long-term security implications of their technology choices.

Objective

Perform a systematic pass through iptf-map content to add PQ threat documentation where relevant. The goal is not to catalog PQ-resistant alternatives, but to clearly surface the quantum-computing threat model for existing cryptographic approaches.

Scope

In Scope

  • Document PQ vulnerabilities for cryptographic primitives used in patterns
  • Flag "harvest now, decrypt later" (HNDL) risks for encryption schemes
  • Note where proof systems have soundness breaks under quantum adversaries
  • Specify security bit requirements in PQ context (e.g., "needs 256-bit security against quantum adversaries")

Out of Scope

  • Comprehensive PQ-resistant architecture design
  • Detailed migration strategies to PQ cryptography
  • Implementation of PQ alternatives

Acceptance Criteria

  • Audit all cryptographic primitives mentioned in patterns
  • Add PQ threat notes to relevant pattern sections (typically in "Guarantees" or "Trade-offs")
  • Use consistent terminology (e.g., "quantum adversary", "HNDL attack")
  • Update affected patterns' lastmod dates
  • Document changes in CHANGELOG.md

References
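An audit helper for the Acceptance Criteria above, added here as an example and not part of iptf-map. It assumes patterns are Markdown files with YAML front matter holding `lastmod` and with `## Guarantees` / `## Trade-offs` headings; the primitive-to-threat table and both sample patterns are constructed.

```python
# Added audit helper, not part of iptf-map. Assumes patterns are Markdown with
# YAML front matter (`lastmod`) and `## Guarantees` / `## Trade-offs` headings.
import re

# Constructed table: (primitive regex, quantum threat, HNDL-relevant?). HNDL only
# applies where recorded key exchanges/ciphertexts can be decrypted later.
PQ_THREATS = [
    (r"\b(RSA|ECDH|ECIES|X25519)\b", "key recovery via Shor's algorithm", True),
    (r"\b(ECDSA|Ed25519|BLS)\b", "signature forgery via Shor's algorithm", False),
    (r"\b(Groth16|KZG|PLONK)\b", "soundness break: pairing discrete log", False),
    (r"\bAES-128\b", "Grover halves effective key length to ~64 bits", False),
]
PQ_TERMS = re.compile(r"quantum adversary|HNDL", re.IGNORECASE)
SECTION_RE = re.compile(r"^##\s+(Guarantees|Trade-offs)\s*$(.*?)(?=^##\s|\Z)",
                        re.MULTILINE | re.DOTALL)

def lastmod(text):
    """Front-matter lastmod value, or None if absent (bump it when adding notes)."""
    m = re.search(r"^lastmod:\s*(\S+)", text, re.MULTILINE)
    return m.group(1) if m else None

def audit_pattern(text):
    """One finding per primitive mentioned; missing_note is True when neither
    Guarantees nor Trade-offs uses the issue's PQ terminology."""
    pq_sections = " ".join(body for _, body in SECTION_RE.findall(text))
    has_note = bool(PQ_TERMS.search(pq_sections))
    return [{"primitive": prim, "threat": threat, "hndl": hndl,
             "missing_note": not has_note}
            for pattern, threat, hndl in PQ_THREATS
            for prim in sorted(set(re.findall(pattern, text)))]

# Constructed sample patterns (not real iptf-map content).
PSI_PATTERN = """---
lastmod: 2024-01-10
---
## Guarantees
Each party learns only the intersection; security rests on ECDH.
## Trade-offs
Two communication rounds.
"""
ZK_PATTERN = """---
lastmod: 2024-03-01
---
## Guarantees
Soundness holds against a classical prover; a quantum adversary breaks Groth16.
## Trade-offs
Trusted setup; proofs are public, so HNDL does not apply.
"""
for name, text in (("PSI", PSI_PATTERN), ("ZK", ZK_PATTERN)):
    print(name, lastmod(text), audit_pattern(text))
```

The ECDH-based pattern with no PQ wording is reported as missing a note and HNDL-relevant, while the Groth16 pattern that already uses the issue's terminology passes.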


Labels: documentation, enhancement
