Re: [Cfrg] Fwd: I-D Action: draft-yonezawa-pairing-friendly-curves-01.txt

denis bider <denisbider.ietf@gmail.com> Mon, 01 April 2019 21:35 UTC


The following graph is commonly shared about why fusion is always 30 years
away:

http://i.imgur.com/3vYLQmm.png

I am surprised by Dan's probability estimation for QC capable of breaking
ECC at 2^(-10). This could be taken to mean that out of 1024 probable
universes that start in this moment, quantum decoherence and other
obstacles would be solved in only 1.

This is a prediction with 99.9% confidence. The human track record of
predicting the future does not seem to support predictions with such
confidence. When billions of USD are being invested into research by people
who expect a payoff, we could entertain a prediction that they're 90%
likely to fail, but a prediction that they're 99.9% likely to fail seems
overly confident.


On Mon, Apr 1, 2019 at 1:46 PM John Mattsson <john.mattsson@ericsson.com>
wrote:

> Dan Brown <danibrown@blackberry.com> wrote:
>
> > The topic of non-PQ crypto's value applies to other CFRG drafts, such as
> > PAKEs, VRFs, Oblivious functions, etc., so maybe this discussion should
> > be taken outside this thread?
>
> +1
>
> > Non-PQ crypto still seems worthwhile to me, mainly because I estimate
> > the chance of a practical ECC-breaking quantum computer to be low, e.g.
> > 2^(-10), yet still high enough to warrant a hybrid of PQ and non-PQ
> > crypto, e.g. McEliece + ECC. (See further below.)
>
> I would not be too surprised if ECC-breaking quantum computers turn out to
> be like (warm) fusion power and always be an estimated 20 years away
> (first fusion power reactor patents were in the 1940s). However, artificial
> intelligence beating humans in Go was always estimated to be far into the
> future, until DeepMind did it.
>
> John