IETF Logo Mail Archive

Re: [CFRG] NSA vs. hybrid

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Tue, 07 December 2021 02:15 UTC

Return-Path: <prvs=89753b2724=uri@ll.mit.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A051F3A0D62 for <cfrg@ietfa.amsl.com>; Mon, 6 Dec 2021 18:15:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Jk76me212s6b for <cfrg@ietfa.amsl.com>; Mon, 6 Dec 2021 18:15:39 -0800 (PST)
Received: from MX3.LL.MIT.EDU (mx3.ll.mit.edu [129.55.12.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C3A93A0E0F for <cfrg@irtf.org>; Mon, 6 Dec 2021 18:15:38 -0800 (PST)
Received: from LLEX2019-2.mitll.ad.local (llex2019-2.llan.ll.mit.edu [172.25.4.124]) by MX3.LL.MIT.EDU (8.16.1.2/8.16.1.2) with ESMTPS id 1B72Faxq155287 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL) for <cfrg@irtf.org>; Mon, 6 Dec 2021 21:15:36 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=yrj8ZlbexH5HFZO269KOU6f5wSLhkkTlAXMVx66tpz03ZyLqsK2ndqLl1xEgZJwr/EbiAQ8df+RWc87L5ESalJBccoeSqsC8rSCZLBG5QBYQbnttRqdl2oWtOmjZWnRrUBliAl4mldj40ceebIj8G4XZ7CJhM1G9EeOkHNvZvrCtAF+2NGmQi3iLwNuBCFM5ZFCN4W/AItCxdJ1lMMMEe+GW7oJONQURLyKSs1PpBg9PtWEwOAUoOUSB5syTaHnjWyHLse0qAusRXe0G9N+fwPXzOF4ZbgISDUfT79rjD4QhJbwt7PKLizDSk2OtScs+6PnsHQVtXj9jvEAqWo41Jw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=O78xbU2u06mZt2j8K423MnpYTD5f8e+hSxdt4KMqcVM=; b=1ludrx2EegnaTkYohvsWdqpQYqNL5w7f4ICe6q5nOgnQg3xBmaoyclxP8a3q+QTemSRviz43UrvlLajl16626QDRzcx/OHu/MimyGWgPZiyJo91Okng/rH9bfJRjX/Vpact6JFAMs+zFfl0oKdEOoBThi4RSsa/uTmLHgxEyXHru8Eb0C21hvPxTwRaJniyKagNEiaFBi0Cv5jQZH6sYoLVVovvDSRIF7eKRwrVG/PI8N5pk2bXzYdHUZrXFTq/Pklyg4hOhKDhTQpl5Ld9+8IVNQL7zAQYY8BAYjSZU+dyHe4OfXzndpsaj0goQnx9lQKSkDulVdg3lNBrX93LuBQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: "cfrg@irtf.org" <cfrg@irtf.org>
Thread-Topic: [CFRG] NSA vs. hybrid
Thread-Index: Adfq+SifdKkyH8eASvmUsdG8SJfxR///vEKAgABXtID//69qgP//q8fggABrVoA=
Date: Tue, 07 Dec 2021 02:15:34 +0000
Message-ID: <32073C5C-9DDE-4CA7-BB8A-F078C2406152@ll.mit.edu>
References: <BL3PR11MB5732F4B9822A93E08E7E115F9F6D9@BL3PR11MB5732.namprd11.prod.outlook.com> <310998F0-F6A8-46D0-AF14-A85367169396@ll.mit.edu> <e8e80662-ac81-4845-8f8c-64ac81e30890@www.fastmail.com> <E383D80F-D38C-4A6F-9DA6-1BABDA7D8FBF@ll.mit.edu> <BL3PR11MB5732461035F7173FED4A0F309F6E9@BL3PR11MB5732.namprd11.prod.outlook.com>
In-Reply-To: <BL3PR11MB5732461035F7173FED4A0F309F6E9@BL3PR11MB5732.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.54.21101001
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 373982d3-94bb-4dd9-c184-08d9b92773bd
x-ms-traffictypediagnostic: CY1P110MB0744:
x-microsoft-antispam-prvs: <CY1P110MB07446F2B198A33C2C5536CF4906E9@CY1P110MB0744.NAMP110.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: V+W5Ziw8RKTUvqsjOGjo+8005HPXWI7AKwcZ30CexQS2brZWNv9GvUWIH4ySRjKjeJCZmk6PDf1BcJnhDvYlf+f9ogGPJJhM36Ocyk2WLhm8xbmyoBnxgHhLWmBpJC0Ak36gFdRPDEa2aSplD5SjmhoBrjCP6kkQeH8VG4RiiHj2uG5oTZ11QuOVB1TQuVTtcolBEeJLSMMqsToYDoAG/ldLuqq2Y5iVsmKqyjsjF4pUO/t82Qtj+N4QwQfw8lT5ceWEugLwvzgf+mYcKDoQD6eJyszk3QUvV0qxBv4K/4chEx+Gos4aM1MFxGYK19P5VJMZ+PsUeIVEnnBCPdbDY/E3ravZgvxGidgK0y4HvioXFDC+o8rKO8L6RK70OOMJM9IBszV6EWNtyfuCeC2F6ZIzZ0Nc5F9al0cw8oWiTJa3lFjukfxs7brdolcCme0aZIBMdrGjJyxkCyC9FdxpD4lMuKbJgT2cZ/WY5MCjld0JBG4VyH+byZc5QQd+M/uSd8yiJyWj8SF4fy/s//wMbPyHypinqSVB+gNqWltpA4GtQ+t3mjEvgCZj/d0zf/m9pvCWuCsWXyyYzOCDyiC1rj2O77LmHwvt4tDNeZdVca6xVxEZYVjWXYHDc8JeMXXOnFKtVIjj/erGJvHr2QaeHCtHzU2Gu4vM/WDg92R7Hug=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CY1P110MB0616.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(366004)(6512007)(71200400001)(5660300002)(26005)(8676002)(75432002)(99936003)(8936002)(33656002)(6916009)(38070700005)(6486002)(83380400001)(86362001)(6506007)(498600001)(186003)(2616005)(2906002)(4744005)(66476007)(64756008)(66556008)(66446008)(122000001)(66946007)(76116006)(38100700002)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: /MX4MNwu7arujNHBfaceU42JU4wF5f/K+YjELXDJwco5uuKc4ZDRlvu41TJn7on/VibJc5wTsUT5ggXAT5iAmAIkxOGTGloEHPI5S3r5rgczbIkRDOEUsv+p7L7Qc/FrFfd616MKPnQ/P93qzRbiEQ==
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha256"; boundary="B_3721670134_879656471"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CY1P110MB0616.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 373982d3-94bb-4dd9-c184-08d9b92773bd
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Dec 2021 02:15:34.4495 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1P110MB0744
X-Proofpoint-ORIG-GUID: 5XoXQOAyYwxdK9NScMmMdm-oGLHKJzqt
X-Proofpoint-GUID: 5XoXQOAyYwxdK9NScMmMdm-oGLHKJzqt
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.425, 18.0.790 definitions=2021-12-06_08:2021-12-06, 2021-12-06 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 suspectscore=0 malwarescore=0 adultscore=0 mlxlogscore=833 mlxscore=0 spamscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2110150000 definitions=main-2112070013
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/QhGnQhFpUtbTXOPKe9YW8J6qnU0>
Subject: Re: [CFRG] NSA vs. hybrid
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Dec 2021 02:15:41 -0000

> In all scenarios:
> 2) Hybrid (esp. with 3+ algs) allows you to combine
> multiple PQC algs, spreading out your risk.

Repeating myself, yes it would spread out the risk, but IMHO it is not worth the cost. It has not been done before, and it isn't worth doing now.

Besides, if "combining" was done back in the early 2000, it wouldn't've helped now - because the threat today (CRQC) would break all of them. Now we're talking about some unknown attacks that we *hope* would compromise some algorithms, but not other... What makes one think that the next (after-Quantum) threat wouldn't threaten both our Classic and our PQ?

v2.23.0 | Report a Bug | By Email