Re: [Cfrg] Fwd: I-D Action: draft-yonezawa-pairing-friendly-curves-01.txt

Peter Gutmann <pgut001@cs.auckland.ac.nz> Tue, 02 April 2019 06:18 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
CC: CFRG <cfrg@irtf.org>
Date: Tue, 02 Apr 2019 06:18:39 +0000
Message-ID: <1554185903715.11087@cs.auckland.ac.nz>
References: <155231848866.23086.9976784460361189399@ietfa.amsl.com> <737ea2b3-74e3-d02e-a44d-c44cca5db036@lepidum.co.jp> <CAEseHRrSiJ72tQepyTiL=pSBcRRLGXhnJyy_QzOubWax+v=Ntw@mail.gmail.com> <CAEseHRqh4d0VaeSaj4CWr_ZxJbbpm33ZaLF-aYGBjVowFNLFeQ@mail.gmail.com> <c57bbf7b-3177-eb64-a3c0-26842fccbb89@lepidum.co.jp> <CAEseHRrVomCo6KD7gidCRBzKJDzFZRQ+q0+PjfBr8tQT4dVpMQ@mail.gmail.com> <b016d1f6-68e4-9728-c738-ab72c593dfd1@lepidum.co.jp> <CAEseHRoLGFbf74HT9n2beryc9Liqf2Hz+_rh-yo6Q8hNqwCvNQ@mail.gmail.com> <CAMCcN7RTQU=a+SYVkGUHZ4enOhkA9j9i6ivMRDUwb+aXPZ9hBg@mail.gmail.com> <7AE82BE8-768D-4B70-B7F1-EAF6894E428E@ll.mit.edu> <9CABDAD4-AAB7-46BF-BED7-6A917F828F11@inf.ethz.ch> <27F5D9B6-A44D-4A12-B81D-C4FB01052113@ll.mit.edu> <810C31990B57ED40B2062BA10D43FBF501DB4A31@XMB116CNC.rim.net> <B79CBA86-3C81-4973-84C2-7DAD7B659CB4@ericsson.com> <CADPMZDCHgsP6=ssJymeoq7RP1eshWf4zk+N9Cf1DY-fk+ntCgA@mail.gmail.com> <1554167337418.62603@cs.auckland.ac.nz>, <1A5915E5-E50A-426E-B8F5-6CCCA47AB392@ll.mit.edu>
In-Reply-To: <1A5915E5-E50A-426E-B8F5-6CCCA47AB392@ll.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/xTpa8Cjy1zuPYmyr6Nsj_elOOqw>
Subject: Re: [Cfrg] Fwd: I-D Action: draft-yonezawa-pairing-friendly-curves-01.txt

Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> writes:

>Do you think then, that quantum computers capable of threatening, e.g., ECC,
>won't come in the next 50 years or so, if at all?

From the existing data we've got, yes.

  Someone may or may not build a cryptanalysis-capable quantum computer,
  someone may or may not prove/disprove one of the many mathematical
  assumptions underlying our cryptosystems, space aliens may land and tell us
  that what we're using is the sort of crypto that newly-hatched space spawn
  solve as basic homework exercises, or any other kind of fantastic event may
  or may not occur, but what will definitely happen is that attackers will use
  trojan-horse software to steal keys, take advantage of software bugs, employ
  side-channel attacks, backdoor the crypto, and perform a million other
  actual attacks that are being used right now.

  It doesn't matter whether you can build a magic quantum computer or not when
  another process in the system can suck your crypto keys right out of memory.
  It's not magical attacks from the future that you need to worry about, it's
  real attacks from right now.

Having said that, it doesn't mean cryptographers won't invest vast amounts of
time and effort into PQC.  It's a cool chance to reset the crypto world and
start again with entirely new designs, which is always fun to do.  There are
entire conference tracks just waiting to be held on all this, new journals,
research funding, government contracts, the sky's the limit.

Peter.