Re: [Cfrg] likelihood that someone has a quantum computer
William Whyte <wwhyte@securityinnovation.com> Tue, 14 January 2014 00:05 UTC
We can write an I-D on NTRUEncrypt and other NTRU algorithms, though this won't happen until the end of this quarter. I'm also still interested in combining public-key algorithms, see separate thread.

William

-----Original Message-----
From: Cfrg [mailto:cfrg-bounces@irtf.org] On Behalf Of Igoe, Kevin M.
Sent: Monday, January 13, 2014 1:25 PM
To: 'arne renkema-padmos'; cfrg@irtf.org
Subject: Re: [Cfrg] likelihood that someone has a quantum computer

I believe there is a consensus on the mailing list for the RG to commit to identifying public key algorithms suitable for use should advances in quantum computing make Shor's algorithm a viable threat. I agree with William that the transition should start before we are forced to do so. As JFK said, "The time to repair the roof is when the sun is shining".

Volunteers for authors greatly appreciated. No need to limit ourselves to a single technology/draft this early in the process.

Any dissenting voices out there should speak up now.

-----Original Message-----
From: Cfrg [mailto:cfrg-bounces@irtf.org] On Behalf Of arne renkema-padmos
Sent: Monday, January 13, 2014 9:57 AM
To: cfrg@irtf.org
Subject: Re: [Cfrg] likelihood that someone has a quantum computer

On 13/01/14 11:48, William Whyte wrote:
> I don't think you can say that just because there have been few
> discontinuities in the security of algorithms there will be no
> discontinuities in the future. There might be, and if it does happen
> unexpectedly it'll be a big problem. It's not a problem we need to
> work on right now, but, again, that makes this a really good time
> to address it.

It makes sense to have a fallback algorithm set, as ETSI has done with the 3GPP algorithms:
http://www.etsi.org/services/security-algorithms/3gpp-algorithms

They standardised both KASUMI and SNOW 3G with the requirements for SNOW 3G as fallback algorithm being:
* maximizing "cryptographic distance" from KASUMI
* minimizing potential vulnerability to algebraic attacks

See:
https://www.cosic.esat.kuleuven.be/ecrypt/courses/end/slides-28/8-gilbert.pdf

Cheers,
arne

--
Arne Renkema-Padmos
@hcisec, secuso.org
Doctoral researcher
CASED, TU Darmstadt

_______________________________________________
Cfrg mailing list
Cfrg@irtf.org
http://www.irtf.org/mailman/listinfo/cfrg