Re: [Cfrg] Europe's "Quantum Manifesto" and QKD snake oil

Aaron Zauner <azet@azet.org> Mon, 02 May 2016 07:05 UTC

From: Aaron Zauner <azet@azet.org>
In-Reply-To: <20160430152810.16190.qmail@cr.yp.to>
Date: Mon, 02 May 2016 14:05:04 +0700
Message-Id: <18CB4DBD-6075-4A3A-8DF2-F35171F09ADB@azet.org>
References: <20160430152810.16190.qmail@cr.yp.to>
To: "D. J. Bernstein" <djb@cr.yp.to>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/vt0aRR-8d3ylCtOn0psv6efT-aw>
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] Europe's "Quantum Manifesto" and QKD snake oil

Hi,

> On 30 Apr 2016, at 22:28, D. J. Bernstein <djb@cr.yp.to> wrote:
> 
> There's a serious push---a draft manifesto endorsed by fairly high-level
> politicians and 1000 signatories---to get the European Commission to
> spend 1 billion EUR on "quantum technologies":
> 
>   http://qurope.eu/manifesto
> 
> I'm not sure how long the public-comment page will stay open:
> 
>   https://ec.europa.eu/futurium/en/content/quantum-manifesto-quantum-technologies-0
> 

Spot-on comments, BTW.

> My understanding is that there's some interest in having CFRG become
> more proactive and systematic in publicly reviewing the security level
> of cryptographic technologies that are proposed _to IETF_. I realize
> that merely labeling something as a "quantum Internet" and telling
> people to spend huge amounts of money on it is not the same as making
> current proposals to IETF, but there does seem to be a large risk of
> future proposals to IETF, and maybe this justifies current CFRG action.

I'm not sure there will ever be any serious drafts to IETF w.r.t. QKD or quantum information/computation, as it seems to be entirely science fiction outside a lab setting. They may end up in the independent submissions stream (https://www.rfc-editor.org/about/independent/). Is anybody aware of existing publications or drafts in that direction within IETF/IRTF?

> Or maybe what this manifesto is illustrating is that the public
> cryptographic community needs to organize a bigger mechanism, outside
> any particular standardization organization, for systematic security
> evaluations (with some way of deciding priorities). Many current crypto
> failures can be traced to a denial-of-service attack against the public
> security-evaluation process---there are too many organizations with far
> too many crypto proposals for us to effectively review---and a more
> centralized process could help solve this.

JP Aumasson suggested a petition against this manifesto on Twitter yesterday. I think that would be a good idea -- if the signatories are well-received cryptographers (and maybe even physicists).

Aaron