Re: [Cfrg] New draft on the transition from classical to post-quantum cryptography
"Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com> Tue, 09 May 2017 09:22 UTC
From: "Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>, Paul Hoffman <paul.hoffman@vpnc.org>
CC: "cfrg@irtf.org" <cfrg@irtf.org>
Date: Tue, 09 May 2017 09:16:52 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/_0tDtK4EQWkopipHi5tQlRtMJ0I>

The NSA, who probably have the longest timescales, say (https://www.iad.gov/iad/library/ia-guidance/ia-solutions-for-classified/algorithm-guidance/assets/public/upload/CNSA-Suite-and-Quantum-Computing-FAQ.pdf, on page 8):

"Algorithms often require 20 years to be fully deployed on NSS. NSS equipment is often used for 30 years or more. National security information intelligence value is often 30 years (sometimes more) although it may vary depending on classification, sensitivity, and subject."

[NSS = National Security System]

--
Christopher Dearlove
Senior Principal Engineer
BAE Systems Applied Intelligence Laboratories
__________________________________________________________________________
T: +44 3300 467500 | E: chris.dearlove@baesystems.com
BAE Systems Applied Intelligence, Chelmsford Technology Park, Great Baddow, Chelmsford, Essex CM2 8HN.
www.baesystems.com/ai
BAE Systems Applied Intelligence Limited
Registered in England & Wales No: 01337451
Registered Office: Surrey Research Park, Guildford, Surrey, GU2 7YP

-----Original Message-----
From: Cfrg [mailto:cfrg-bounces@irtf.org] On Behalf Of Blumenthal, Uri - 0553 - MITLL
Sent: 08 May 2017 15:35
To: Paul Hoffman
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] New draft on the transition from classical to post-quantum cryptography

On 5/8/17, 10:28 AM, "Paul Hoffman" <paul.hoffman@vpnc.org> wrote:

> Wouldn’t you agree that for long-term documents (those that need to
> survive for 15+ - 20+ years from now) the “need to change” is now
> with a pretty high probability?

No. That is, I haven't seen evidence that there will be quantum computers in 15 to 20 years from now that will be able to break classical cryptography using current key sizes. The same is true if you said "50 years".

First, I’m sure there are documents now that need a “secure life” longer than 20 or even 50 years.

Of course, I might have missed something in the early research for the -00 draft, so if you have pointers to such calculations, that would be great.

Alas, my crystal ball is out of order right now. But scientific progress tends to be not exactly predictable/calculate-able. E.g., did you expect to talk about “quantum computers breaking crypto” 20 years ago? I didn’t.