Re: [Cfrg] Fwd: I-D Action: draft-yonezawa-pairing-friendly-curves-01.txt

Ruslan Kiyanchuk <ruslan.kiyanchuk@gmail.com> Mon, 15 April 2019 18:05 UTC

To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, Björn Haase <bjoern.haase@endress.com>, CFRG <cfrg@irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/X4yO3BInIXsGIdSXFYZz9bvaOo4>

@Uri, the link statement reads fishy. I am also not a professional quantum
physicist, but my understanding was that D-Wave computers can only do
quantum annealing, which makes them applicable to a very narrow set of
quantum problems, and makes them unsuitable for running Shor's or Grover's
algorithms, which are not quantum annealing problems. At least that's how
it used to be a couple of years ago. Did D-Wave broaden the scope of their
computers recently?

On Mon, Apr 15, 2019 at 9:09 AM Blumenthal, Uri - 0553 - MITLL <
uri@ll.mit.edu> wrote:

> While not a quantum physicist myself, I do think you are downplaying the
> risks:
>
>
> https://www.insidequantumtechnology.com/news/new-hope-quantum-computers-factorizations-rsa-thousand-fold-excess/?utm_source=IQT+Daily+Newsletter&utm_campaign=a7528b4239-RSS_EMAIL_CAMPAIGN&utm_medium=email&utm_term=0_e8f238b4dd-a7528b4239-72197729
>
> I understand Peter's point that unlike QC, attacks against implementations
> are really bad *now* (and probably will stay that way), but that's not an
> excuse to ignore the upcoming threat on the algorithmic level.
> --
> Regards,
> Uri
>
> On 4/14/2019, 23:37, "Peter Gutmann" <pgut001@cs.auckland.ac.nz> wrote:
>
>     Björn Haase <bjoern.haase@endress.com> writes:
>
>     >Saying this, I think that it is important to have researchers working
>     >on PQ-Crypto such that we have a solution "in the box", even if the
>     >actual probability that we'd actually need it might be small.
>
>     If it was researchers publishing via standard academic venues that'd
>     be fine, the problem is that the CFRG is a de facto standards body so
>     anything published will become an Internet standard.  At that point
>     the yet-to-be-given-a-cool-name rule [0] which says that the best
>     crypto is the latest trendiest bleeding-edge stuff and not the
>     long-established stuff that we have a lot of experience with will
>     kick in, and whatever PQC is written up will start being deployed and
>     rushed into production before the RFC is even published.
>
>     The end result will be the worst of both worlds, we'll have a bunch
>     of PQC algorithms that work nothing like existing stuff so that
>     people will be able to revisit thirty years of mistakes in applying
>     it, alongside the existing crypto that also needs to be supported.
>
>     So standardising PQC at this point is hugely premature.  Leave it for
>     academic conferences from which it can be pulled as required, but
>     don't give implementers an excuse to re-make all the mistakes that
>     have been made in the past with an entirely new set of algorithms.
>
>     Peter.
>
>     [0] Suggestions for a name welcome, currently "The Hipster Crypto
>         Rule" but I'm not too happy with that.
>