Re: [Cfrg] likelihood that someone has a quantum computer
William Whyte <wwhyte@securityinnovation.com> Tue, 14 January 2014 02:04 UTC
From: William Whyte <wwhyte@securityinnovation.com>
Date: Mon, 13 Jan 2014 21:04:12 -0500
To: arne renkema-padmos <arne.renkema-padmos@cased.de>, cfrg@irtf.org

Hi Arne,

So is the idea that all devices have to implement both algorithms? Is
there a mechanism in place for declaring one broken and requiring that
the other is used at all times?

TBH I'm less concerned about catastrophic failure of symmetric
algorithms than public-key algorithms, but I'm very interested in
processes to replace algorithms.

Cheers,

William

-----Original Message-----
From: Cfrg [mailto:cfrg-bounces@irtf.org] On Behalf Of arne renkema-padmos
Sent: Monday, January 13, 2014 9:57 AM
To: cfrg@irtf.org
Subject: Re: [Cfrg] likelihood that someone has a quantum computer

On 13/01/14 11:48, William Whyte wrote:
> I don't think you can say that just because there have been few
> discontinuities in the security of algorithms there will be no
> discontinuities in the future. There might be, and if it does happen
> unexpectedly it'll be a big problem. It's not a problem we need to
> work on right now, but, again, that makes this a really good time
> to address it.

It makes sense to have a fallback algorithm set, as ETSI has done with
the 3GPP algorithms:

http://www.etsi.org/services/security-algorithms/3gpp-algorithms

They standardised both KASUMI and SNOW 3G with the requirements for
SNOW 3G as fallback algorithm being:

* maximizing "cryptographic distance" from KASUMI
* minimizing potential vulnerability to algebraic attacks

See:
https://www.cosic.esat.kuleuven.be/ecrypt/courses/end/slides-28/8-gilbert.pdf

Cheers,
arne

--
Arne Renkema-Padmos
@hcisec, secuso.org
Doctoral researcher
CASED, TU Darmstadt

_______________________________________________
Cfrg mailing list
Cfrg@irtf.org
http://www.irtf.org/mailman/listinfo/cfrg