Re: [Cfrg] Threshold signatures

"Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com> Fri, 03 January 2020 15:24 UTC

From: "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>, Bill Cox <waywardgeek@gmail.com>
CC: IRTF CFRG <cfrg@irtf.org>
Date: Fri, 03 Jan 2020 15:24:50 +0000
Message-ID: <BY5PR11MB40863C934F2381D4701A5156C1230@BY5PR11MB4086.namprd11.prod.outlook.com>
References: <CAMm+LwiXTA7UoFwSWE_c-cy_EdtYE5qFAm594UfFkdAVLNhimg@mail.gmail.com> <902BF3DD-4515-4A23-B7B7-0C9D8726E56F@gnunet.org> <CAOLP8p5Q=xswL7vkXVpSbVHUZ1dV+1wT3YdViq+1re1=fiSpRA@mail.gmail.com> <CAMm+LwiC5tBCd=fUo9e1tuQFVJ8C6hMXSxRZk2xff1238_9HRA@mail.gmail.com>
In-Reply-To: <CAMm+LwiC5tBCd=fUo9e1tuQFVJ8C6hMXSxRZk2xff1238_9HRA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/KhjL-7XzUmQO70mYjrReI8ZlxvY>
Subject: Re: [Cfrg] Threshold signatures
List-Id: Crypto Forum Research Group <cfrg.irtf.org>

From: Cfrg <cfrg-bounces@irtf.org> On Behalf Of Phillip Hallam-Baker
Sent: Friday, January 03, 2020 10:04 AM
To: Bill Cox <waywardgeek@gmail.com>
Cc: IRTF CFRG <cfrg@irtf.org>
Subject: Re: [Cfrg] Threshold signatures



On Fri, Jan 3, 2020 at 9:43 AM Bill Cox <waywardgeek@gmail.com> wrote:
On Thu, Jan 2, 2020 at 4:18 PM Jeff Burdges <burdges@gnunet.org> wrote:

You need pairings ala BLS signatures for a one round trip multi-signature scheme.  I donno if anyone proved that but you’ll get nothing from fancy zero-knowledge proof tricks among the signers obviously.  I’d expect BLS smart cards for cyber-coin validators within the next couple years, if not already.

Jeff

You can also use this pairing scheme for rate-limited threshold password-authenticated key generation.  This could be useful for his Mathematical Mesh, but as he says, crypto on devices changes only very slowly.

We take a long time to get comfortable with it. NSA nagged us about Suite-B for how many decades before we started using ECC?

At this point, I think we need to focus on making X25519/448 and Ed25519/448 the basis for the next gen of security products. It took about five years from AES being announced as a winner for it to become the new normal.

Hmmmm, it is likely at some point someone will have a cryptographically relevant Quantum Computer; such a Quantum Computer can break elliptic curves (and, in fact, Elliptic Curves appear to be the easiest cryptographical object to break, as it requires the fewest qubits and circuit depth).  No one is certain when (or if) such a Quantum Computer will exist; maybe in 10 years, or 20.  However, if we are planning for the future, it would appear to be reasonable to take that into account, and include a postquantum scheme (possibly in conjunction with a classical ECC or RSA scheme).