IETF Logo Mail Archive

Re: [CFRG] CFRG and crypto-threatening quantum computers

Russ Housley <housley@vigilsec.com> Fri, 17 September 2021 23:01 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90D643A1AD4 for <cfrg@ietfa.amsl.com>; Fri, 17 Sep 2021 16:01:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V-Ymi7dvsPjp for <cfrg@ietfa.amsl.com>; Fri, 17 Sep 2021 16:01:24 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3DCFA3A1A58 for <cfrg@ietf.org>; Fri, 17 Sep 2021 16:01:21 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 6B4E7300C65 for <cfrg@ietf.org>; Fri, 17 Sep 2021 19:01:21 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id WP9RsM95Sh9S for <cfrg@ietf.org>; Fri, 17 Sep 2021 19:01:19 -0400 (EDT)
Received: from [172.20.5.7] (unknown [65.210.89.2]) by mail.smeinc.net (Postfix) with ESMTPSA id 309B0300C4A; Fri, 17 Sep 2021 19:01:19 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Message-Id: <AF60635C-B6D4-4EC2-B84A-D1AE70D6507A@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_4E560331-CE74-427D-80DB-92533C8429E7"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\))
Date: Fri, 17 Sep 2021 19:01:17 -0400
In-Reply-To: <CAOvwWh2v3ovm=JNW_Z=EXSfYabH0sw5U_m-TkA6mSQy+-YHtNQ@mail.gmail.com>
Cc: "<cfrg@ietf.org>" <cfrg@ietf.org>
To: Soatok Dreamseeker <soatok.dhole@gmail.com>
References: <03b5ea0e-cf1a-8edf-d642-2fb4b2e458fd@htt-consult.com> <CACsn0ckZbA4=Xe+Lc1w5bc5os8Ekeh9q7AAxknknwrrBZ0R-KQ@mail.gmail.com> <E0D027B0-089E-4402-BD65-38ADEABC3351@ll.mit.edu> <CAEseHRoH941WndaQmL8F=4w6BLkfjCaxa8mKP14bjNUEz2MRfw@mail.gmail.com> <00DA2E69-D80A-4CA7-B744-97B30F237501@ll.mit.edu> <20210917184114.4gnz7g4dl7euf5po@kaon.local> <A3231C7A-6DA6-47A9-96B7-0A90339EFB7F@ll.mit.edu> <20210917215621.q675hgb77nlejshj@kaon.local> <CAOvwWh2v3ovm=JNW_Z=EXSfYabH0sw5U_m-TkA6mSQy+-YHtNQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.104.21)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/lu86cRp1vv8OoGhb1oaDlmjjrZI>
Subject: Re: [CFRG] CFRG and crypto-threatening quantum computers
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Sep 2021 23:01:38 -0000


> On Sep 17, 2021, at 6:16 PM, Soatok Dreamseeker <soatok.dhole@gmail.com> wrote:
> 
> I'm agnostic to the threat of quantum computers. My stance is simply: Design for the threat model you have, not the one you're worried about having in 10 years. If you're worried about having to migrate to new cryptography, ever, you should build versioning into whatever you're building, so you can migrate when your threat model evolves. This is true even if practical quantum computers somehow turn out to be impossible.

W have alway needed to transition to new hash functions, bigger key sizes, wider block ciphers, and so on.  Thus, versioning is always needed.

Russ

v2.23.0 | Report a Bug | By Email