Re: [Cfrg] BLS standard draft
Michael Scott <mike.scott@miracl.com> Mon, 11 February 2019 11:52 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/b19pyRNHtXzlE0jFXpZkCaEtnSY>

My take on this would be that

1) Pairing-based crypto threw open the doors to lots of nice new crypto possibilities, enabling stuff that we couldn't do before

2) Gradually post-quantum crypto is catching up and demonstrating capabilities that mirror some (but not all) of these achievements

3) Post-quantum crypto depends on hard problems that it will take time to develop full confidence in, even in regard to attacks from non-quantum computers

4) In the meantime (and that could be quite a long time) it makes perfect sense to proceed with the development and standardization of non-quantum safe methods.

5) In the year x out pops a quantum computer. However in the year x-1 out popped well-developed and well-understood post-quantum crypto replacements in which we can have complete confidence.

Everyone is a winner! Well except for the guys who invested in a business plan to develop a quantum computer on the basis that it would break all of crypto.

Mike Scott

On Sun, Feb 10, 2019 at 11:37 PM William Whyte <wwhyte@onboardsecurity.com> wrote:

> Hi all,
>
> With no intent to cast aspersions on this particular scheme, I'm not sure
> that CFRG should be putting a lot of time into non-quantum-safe schemes
> these days unless there's a compelling reason to.
>
> Cheers,
>
> William
>
> On Sun, Feb 10, 2019 at 5:44 PM Sergey Gorbunov <sgorbunov@uwaterloo.ca>
> wrote:
>
>> Dear Colleagues:
>>
>> We submitted a draft-00 on the BLS signature scheme.
>> We received some preliminary feedback from interested parties, and we
>> plan to continue updating it as we receive more.
>> Please take a look.
>> We appreciate any additional feedback!
>> https://datatracker.ietf.org/doc/draft-boneh-bls-signature/
>>
>> Abstract
>>
>> The BLS signature scheme was introduced by Boneh-Lynn-Shacham in
>> 2001. The signature scheme relies on pairing-friendly curves and
>> supports non-interactive aggregation properties. That is, given a
>> collection of signatures (sigma_1, ..., sigma_n), anyone can produce
>> a short signature (sigma) that authenticates the entire collection.
>> BLS signature scheme is simple, efficient and can be used in a
>> variety of network protocols and systems to compress signatures or
>> certificate chains. This document specifies the BLS signature and
>> the aggregation algorithms.
>>
>>
>> Regards,
>> Sergey
>> web <https://cs.uwaterloo.ca/~sgorbuno/>
>> _______________________________________________
>> Cfrg mailing list
>> Cfrg@irtf.org
>> https://www.irtf.org/mailman/listinfo/cfrg
>>
>
>
> --
>
> ---
>
> I may have sent this email out of office hours. I never expect a response
> outside yours.