tromp 2 days ago

I think that "having no known quantum attack" is a reasonable interpretation of "quantum resistant". If there were no possible "quantum attack" (under appropriate complexity assumptions, such as EC-DLP not being in P), then we could call it "quantum proof" instead of quantum resistant.

DoctorOetker 20 hours ago

I understand what you mean, but I think such a concept or definition would be highly misleading: "having no known quantum attack" means every novel encryption method would be automatically "quantum resistant" for having had 0 adversarial attempts to find quantum or even classical weaknesses! There should be some measure of competence-level-adjusted man-hours of cryptographers and mathematicians trying to swing their favorite hammers at the problem, in order to estimate this "quantum resilience".