Re: [Cfrg] QKD is pointless (was: Re: considering new topics for CFRG)

"Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> Wed, 08 January 2014 12:21 UTC

Return-Path: <Kenny.Paterson@rhul.ac.uk>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 329601AE351 for <cfrg@ietfa.amsl.com>; Wed, 8 Jan 2014 04:21:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7eoeHY0mZeUi for <cfrg@ietfa.amsl.com>; Wed, 8 Jan 2014 04:21:05 -0800 (PST)
Received: from db8outboundpool.messaging.microsoft.com (mail-db8lp0189.outbound.messaging.microsoft.com [213.199.154.189]) by ietfa.amsl.com (Postfix) with ESMTP id AB36C1AE34B for <cfrg@irtf.org>; Wed, 8 Jan 2014 04:21:04 -0800 (PST)
Received: from mail126-db8-R.bigfish.com (10.174.8.228) by DB8EHSOBE013.bigfish.com (10.174.4.76) with Microsoft SMTP Server id 14.1.225.22; Wed, 8 Jan 2014 12:20:54 +0000
Received: from mail126-db8 (localhost [127.0.0.1]) by mail126-db8-R.bigfish.com (Postfix) with ESMTP id AC1EC14019B; Wed, 8 Jan 2014 12:20:54 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:157.56.249.149; KIP:(null); UIP:(null); IPV:NLI; H:AM2PRD0311HT002.eurprd03.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -26
X-BigFish: PS-26(z579ehzbb2dI98dI9371I148cI1432I1447Izz1f42h208ch1ee6h1de0h1d18h1fdah2073h2146h1202h1e76h2189h1d1ah1d2ah1fc6hzz1de098h1033IL177df4h17326ah8275bh8275dh1de097h186068hz2fh109h2a8h839h947he5bhf0ah1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah224fh1d0ch1d2eh1d3fh1dfeh1dffh1fe8h1ff5h209eh2216h22d0h2336h1155h)
Received-SPF: pass (mail126-db8: domain of rhul.ac.uk designates 157.56.249.149 as permitted sender) client-ip=157.56.249.149; envelope-from=Kenny.Paterson@rhul.ac.uk; helo=AM2PRD0311HT002.eurprd03.prod.outlook.com ; .outlook.com ;
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10019001)(479174003)(377454003)(24454002)(51914003)(189002)(199002)(52604005)(51704005)(66066001)(74706001)(74876001)(77982001)(36756003)(63696002)(79102001)(59766001)(81816001)(81686001)(65816001)(83506001)(15975445006)(80022001)(76796001)(76786001)(15395725003)(56776001)(85306002)(87266001)(56816005)(90146001)(83072002)(85852003)(87936001)(2656002)(80976001)(19580395003)(83322001)(19580405001)(74366001)(53806001)(15202345003)(76482001)(54356001)(4396001)(46102001)(51856001)(49866001)(47736001)(50986001)(47976001)(74502001)(74482001)(47446002)(31966008)(54316002)(74662001)(81542001)(69226001)(81342001); DIR:OUT; SFP:1102; SCL:1; SRVR:DBXPR03MB382; H:DBXPR03MB383.eurprd03.prod.outlook.com; CLIP:192.76.146.51; FPR:; RD:InfoNoRecords; MX:1; A:1; LANG:en;
Received: from mail126-db8 (localhost.localdomain [127.0.0.1]) by mail126-db8 (MessageSwitch) id 138918365339201_2217; Wed, 8 Jan 2014 12:20:53 +0000 (UTC)
Received: from DB8EHSMHS014.bigfish.com (unknown [10.174.8.231]) by mail126-db8.bigfish.com (Postfix) with ESMTP id F0A48400047; Wed, 8 Jan 2014 12:20:52 +0000 (UTC)
Received: from AM2PRD0311HT002.eurprd03.prod.outlook.com (157.56.249.149) by DB8EHSMHS014.bigfish.com (10.174.4.24) with Microsoft SMTP Server (TLS) id 14.16.227.3; Wed, 8 Jan 2014 12:20:52 +0000
Received: from DBXPR03MB382.eurprd03.prod.outlook.com (10.141.10.12) by AM2PRD0311HT002.eurprd03.prod.outlook.com (10.255.162.37) with Microsoft SMTP Server (TLS) id 14.16.395.1; Wed, 8 Jan 2014 12:20:51 +0000
Received: from DBXPR03MB383.eurprd03.prod.outlook.com (10.141.10.15) by DBXPR03MB382.eurprd03.prod.outlook.com (10.141.10.12) with Microsoft SMTP Server (TLS) id 15.0.851.11; Wed, 8 Jan 2014 12:20:51 +0000
Received: from DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) by DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) with mapi id 15.00.0851.011; Wed, 8 Jan 2014 12:20:51 +0000
From: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
To: David McGrew <mcgrew@cisco.com>, Sean Turner <TurnerS@ieca.com>
Thread-Topic: [Cfrg] QKD is pointless (was: Re: considering new topics for CFRG)
Thread-Index: AQHPDGHFfapLGWb7b0e30T2mmPF7wpp60BsA
Date: Wed, 8 Jan 2014 12:20:50 +0000
Message-ID: <CEF2F2B4.1346A%kenny.paterson@rhul.ac.uk>
References: <52C755AA.70200@cisco.com> <33E0BF53-A331-4646-B080-FD4F6E13916E@ieca.com> <52CD314B.2000604@cisco.com>
In-Reply-To: <52CD314B.2000604@cisco.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.3.9.131030
x-originating-ip: [192.76.146.51]
x-forefront-prvs: 00851CA28B
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <D92F6BFF72D35541950DF654FC9A1CE2@eurprd03.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: rhul.ac.uk
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] QKD is pointless (was: Re: considering new topics for CFRG)
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jan 2014 12:21:07 -0000

On 08/01/2014 12:06, "David McGrew" <mcgrew@cisco.com>; wrote:

>Hi Sean,
>
>On 01/08/2014 12:26 AM, Sean Turner wrote:
>> My list is kind of short:
>
>thanks for sharing your top of mind list, it will help us to prioritize
>work.
>
>>
>> 0) Could the CFRG get behind these recommendations for RSA-OAEP/PSS or
>>not:
>> http://www.ietf.org/mail-archive/web/saag/current/msg04481.html
>> http://www.ietf.org/mail-archive/web/saag/current/msg04482.html
>>
>> If so, let¹s do a draft!
>>
>> 1) Assuming RSA goes kaput, it seems like we¹re moving towards EC (am I
>>wrong here) then are these EC-based documents worth saying more about
>>(e.g., in the next version of the protocol use this or run away in fear):
>> https://datatracker.ietf.org/doc/rfc6979/
>> https://datatracker.ietf.org/doc/draft-peck-ecdhpop/
>> https://datatracker.ietf.org/doc/draft-jivsov-ecc-compact/
>>
>> 2) Is QKD something we need to start considering:
>> http://tools.ietf.org/id/draft-nagayama-ipsecme-ipsec-with-qkd-00.txt
>> http://tools.ietf.org/id/draft-ghernaouti-sfaxi-ppp-qkd-00.txt
>
>#0 and #1 are well worth discussion.   For now, I will only comment on #2.
>
>Quantum Key Distribution does not provide a solution to any problem that
>we have at hand, and is not worthy of serious consideration for
>extensive use in the Internet.

<excellent explanation of the shortcomings of QKD excised>

>
>My talk isn't online (just mentioned but not archived
>http://bristolcrypto.blogspot.com/2012_12_01_archive.html)   If we need
>to get these points understood more widely, we could publish something
>on it.

Thanks for the reminder about this talk, which I very much enjoyed at the
time.

A few years back, we wrote a paper [1] explaining why we believed that QKD
is not commercially interesting. Some of the points are orthogonal to
yours, some overlap.

[1] Quantum cryptography: a practical information security perspective.
Kenneth G. Paterson, Fred Piper, Ruediger Schack
http://arxiv.org/abs/quant-ph/0406147

Cheers

Kenny