Re: [CFRG] CFRG and crypto-threatening quantum computers
Dan Harkins <dharkins@lounge.org> Fri, 17 September 2021 22:34 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/3NKRkS2RhB22DlnCukQAy4zRfEc>

"What does CFRG do?" In my view it bridges the gap between the academic
paper and the protocol implementation. It's a crucial role that exists
regardless of whether the crypto is QC-susceptible or not.

Dan.

On 9/17/21 2:56 PM, Riad S. Wahby wrote:
> Hello Uri,
>
> (Changed the subject line since we're pretty off-topic here.)
>
> It seems silly for us to go back and forth point-by-point, especially
> since most of our specific disagreements are minor and definitional.
>
> (e.g., What does CFRG do? Depends who you ask. From a research
> cryptographer's point of view the things we're documenting right
> now---pairing-friendly curves, hashing to curves, etc.---are
> roughly the same vintage as S/MIME!)
>
> (e.g., is USG making new quantum-susceptible standards? Well,
> should we count NIST's adding Ed25519 to FIPS-186?)
>
> The high-level question is whether CFRG should act as if it's all but
> certain that crypto-threatening quantum computers will exist in the
> next few years. I think no; reasonable people can certainly disagree.
> But let's try to avoid spitting contests. We will win by reaching
> consensus, not by saying the cleverest things.
>
> In that vein:
>
> "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> wrote:
>>> This argument does not seem productive: essentially all cryptography
>>> is based on hardness assumptions that have not been proved or disproved
>>> (and, given our current knowledge, seem unlikely to be). If we accept
>>> the above argument, the logical conclusion seems to be "disband CFRG".
>> You equate "make new designs quantum-resistant" with "let's disband CFRG"??? Hmm...
> The argument was: "there is no way to prove or disprove convincingly
> this [security] concern", in the context of constructing crypto-threatening
> quantum computers, implies "make all new designs quantum-resistant."
>
> The point is, this doesn't go nearly far enough: "there is no way
> to prove or disprove convincingly this [security] concern", in the
> context of cryptography more broadly (and given prevailing beliefs
> vis-a-vis complexity theory), implies "give up".
>
> But we both agree that's absurd. So maybe we should rethink the premise
> here.
>
> Cheers,
>
> -=rsw

--
"The object of life is not to be on the side of the majority, but to
escape finding oneself in the ranks of the insane." -- Marcus Aurelius