Re: [COSE] Comments on draft-ietf-cose-hash-sig-01
Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 29 April 2019 23:04 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 280D31206EC for <cose@ietfa.amsl.com>; Mon, 29 Apr 2019 16:04:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5kNeqF7rwu_o for <cose@ietfa.amsl.com>; Mon, 29 Apr 2019 16:04:20 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C36811200DE for <cose@ietf.org>; Mon, 29 Apr 2019 16:04:19 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 4856EBE64; Tue, 30 Apr 2019 00:04:16 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OWm6FFK3iFCJ; Tue, 30 Apr 2019 00:04:14 +0100 (IST)
Received: from [10.244.2.138] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 571E3BE50; Tue, 30 Apr 2019 00:04:14 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1556579054; bh=/3NoEVBE83V3vIllCwUgBOYABJl+qLHXp4XguOM+Voo=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=Rg/FQ0uukCtDiEK7GSGxDnlrf7lTferarEyfRSNoKCNUaqkhtsUkl21nSi/17SSPY x4pztxLldFY4uNkl8XoB/VCikuYV2kTWScvZRJaJptQhLXkI+X2G8aqK9EzG/iDehX dA+JDozLPIwt0Q8Eh9nHewnDE5G6+an5IWw+BaC4=
To: Russ Housley <housley@vigilsec.com>, John Mattsson <john.mattsson@ericsson.com>
Cc: "cose@ietf.org" <cose@ietf.org>
References: <ED269B27-5C8D-4FC5-B763-08ED099314F7@ericsson.com> <0E85D28F-E211-45CA-A651-84D343B8AE94@vigilsec.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Autocrypt: addr=stephen.farrell@cs.tcd.ie; prefer-encrypt=mutual; keydata= mQINBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh 5Cg8gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+ QtaFq978CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKr EMjmL5VGuD/Q9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZU bUv0Q+DnQAB/4tNncejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqO Vz+7L+WiVfxLbeVqBwV+4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJg b097ZaNyuY1ETghVB5Uir1GCYChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k 4LyM2lp5FmBKjG7cGcpBGmWavACYEa7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK 7uB7E7HlVE1IM1zNkVTYYGkKreU8DVQu8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5Xi HzFPJleXc0ksb9SkJokAfwTSZzTxeQPER8la5lsEEPbU/cDTcwARAQABtDJTdGVwaGVuIEZh cnJlbGwgKDIwMTcpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPokCQAQTAQgAKgIbAwUJ CZQmAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUCWj6jdwIZAQAKCRBasvrxexcr6o7QD/9m x9DPJetmW794RXmNTrbTJ44zc/tJbcLdRBh0KBn9OW/EaAqjDmgNJeCMyJTKr1ywaps8HGUN hLEVkc14NUpgi4/Zkrbi3DmTp25OHj6wXBS5qVMyVynTMEIjOfeFFyxG+48od+Xn7qg6LT7G rHeNf+z/r0v9+8eZ1Ip63kshQDGhhpmRMKu4Ws9ZvTW2ACXkkTFaSGYJj3yIP4R6IgwBYGMz DXFX6nS4LA1s3pcPNxOgrvCyb60AiJZTLcOk/rRrpZtXB1XQc23ZZmrlTkl2HaThL6w3YKdi Ti1NbuMeOxZqtXcUshII45sANm4HuWNTiRh93Bn5bN6ddjgsaXEZBKUBuUaPBl7gQiQJcAlS 3MmGgVS4ZoX8+VaPGpXdQVFyBMRFlOKOC5XJESt7wY0RE2C8PFm+5eywSO/P1fkl9whkMgml 3OEuIQiP2ehRt/HVLMHkoM9CPQ7t6UwdrXrvX+vBZykav8x9U9M6KTgfsXytxUl6Vx5lPMLi 2/Jrsz6Mzh/IVZa3xjhq1OLFSI/tT2ji4FkJDQbO+yYUDhcuqfakDmtWLMxecZsY6O58A/95 8Qni6Xeq+Nh7zJ7wNcQOMoDGj+24di2TX1cKLzdDMWFaWzlNP5dB5VMwS9Wqj1Z6TzKjGjru q8soqohwb2CK9B3wzFg0Bs1iBI+2RuFnxLkCDQRaPVAyARAA+g3R0HzGr/Dl34Y07XqGqzq5 SU0nXIu9u8Ynsxj7gR5qb3HgUWYEWrHW2jHOByXnvkffucf5yzwrsvw8Q8iI8CFHiTYHPpey 4yPVn6R0w/FOMcY70eTIu/k6EEFDlDbs09DtKcrsT9bmN0XoRxITlXwWTufYqUnmS+YkAuk+ TLCtUin7OdaS2uU6Ata3PLQSeM2ZsUQMmYmHPwB9rmf+q2I005AJ9Q1SPQ2KNg/8xOGxo13S VuaSqYRQdpV93RuCOzg4vuXtR+gP0KQrus/P2ZCEPvU9cXF/2MIhXgOz207lv3iE2zGyNXld /n8spvWk+0bH5Zqd9Wcba/rGcBhmX9NKKDARZqjkv/zVEP1X97w1HsNYeUFNcg2lk9zQKb4v l1jx/Uz8ukzH2QNhU4R39dbF/4AwWuSVkGW6bTxHJqGs6YimbfdQqxTzmqFwz3JP0OtXX5q/ 6D4pHwcmJwEiDNzsBLl6skPSQ0Xyq3pua/qAP8MVm+YxCxJQITqZ8qjDLzoe7s9X6FLLC/DA L9kxl5saVSfDbuI3usH/emdtn0NA9/M7nfgih92zD92sl1yQXHT6BDa8xW1j+RU4P+E0wyd7 zgB2UeYgrp2IIcfG+xX2uFG5MJQ/nYfBoiALb0+dQHNHDtFnNGY3Oe8z1M9c5aDG3/s29QbJ +w7hEKKo9YMAEQEAAYkCJQQYAQgADwUCWj1QMgIbDAUJCZQmAAAKCRBasvrxexcr6qwvD/9b Rek3kfN8Q+jGrKl8qwY8HC5s4mhdDJZI/JP2FImf5J2+d5/e8UJ4fcsT79E0/FqX3Z9wZr6h sofPqLh1/YzDsYkZDHTYSGrlWGP/I5kXwUmFnBZHzM3WGrL3S7ZmCYMdudhykxXXjq7M6Do1 oxM8JofrXGtwBTLv5wfvvygJouVCVe87Ge7mCeY5vey1eUi4zSSF1zPpR6gg64w2g4TXM5qt SwkZVOv1g475LsGlYWRuJV8TA67yp1zJI7HkNqCo8KyHX0DPOh9c+Sd9ZX4aqKfqH9HIpnCL AYEgj7vofeix7gM3kQQmwynqq32bQGQBrKJEYp2vfeO30VsVx4dzuuiC5lyjUccVmw5D72J0 FlGrfEm0kw6D1qwyBg0SAMqamKN6XDdjhNAtXIaoA2UMZK/vZGGUKbqTgDdk0fnzOyb2zvXK CiPFKqIPAqKaDHg0JHdGI3KpQdRNLLzgx083EqEc6IAwWA6jSz+6lZDV6XDgF0lYqAYIkg3+ 6OUXUv6plMlwSHquiOc/MQXHfgUP5//Ra5JuiuyCj954FD+MBKIj8eWROfnzyEnBplVHGSDI ZLzL3pvV14dcsoajdeIH45i8DxnVm64BvEFHtLNlnliMrLOrk4shfmWyUqNlzilXN2BTFVFH 4MrnagFdcFnWYp1JPh96ZKjiqBwMv/H0kw==
Message-ID: <e0f43875-5940-a028-12d7-040b2b21dcad@cs.tcd.ie>
Date: Tue, 30 Apr 2019 00:04:12 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <0E85D28F-E211-45CA-A651-84D343B8AE94@vigilsec.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="PGRoMjiDos31qPThoTLDEKqO8a1UhSeiZ"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/rj-0bh9xUQXaSaLBdXbURzsOU9g>
Subject: Re: [COSE] Comments on draft-ietf-cose-hash-sig-01
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Apr 2019 23:04:23 -0000
Hi Russ, Sorry, I hadn't read this 'till just now, when the text below made me wonder. I don't get the logic for including most of the text in this draft (other than section 3, the samples and IANA stuff). Why would this draft be introducing Shor and LMS etc? That seems like a thing to be done by reference only. (It may make sense for the draft to include this text but for it to not be in an eventual RFC I guess.) S. On 29/04/2019 23:52, Russ Housley wrote: > John: > > I was revisiting an old comment from you. > >> - Section 1.1: I think some short info on the threat from Shor's algorithm would be good. I don't think [BH2013] talked about quantum computers. > > There are two major points in this section: advances in cryptanalysis and advances in the development of quantum computers. The presentation in [BH2103] is about advances in cryptanalysis, not quantum computers. > > Does this make that more clear? > > There have been recent advances in cryptanalysis and advances in the > development of quantum computers. Each of these advances pose a > threat to widely deployed digital signature algorithms. > > At Black Hat USA 2013, some researchers gave a presentation on the > current state of public key cryptography. They said: "Current > cryptosystems depend on discrete logarithm and factoring which has > seen some major new developments in the past 6 months" [BH2013]. Due > to advances in cryptanalysis, they encouraged preparation for a day > when RSA and DSA cannot be depended upon. > > Peter Shor showed that a large-scale quantum computer could be used > to factor a number in polynomial time [S1997], effectively > breaking RSA. If large-scale quantum computers are ever built, these > computers will be able to break many of the public-key cryptosystems > currently in use. A post-quantum cryptosystem [PQC] is a system that > is secure against quantum computers that have more than a trivial > number of quantum bits (qu-bits). It is open to conjecture when it > will be feasible to build such computers; however, RSA, DSA, ECDSA, > and EdDSA are all vulnerable if large-scale quantum computers come to > pass. > > The HSS/LMS signature algorithm does not depend on the difficulty of > discrete logarithm or factoring, as a result these algorithms are > considered to be post-quantum secure. > > Thanks, > Russ > > _______________________________________________ > COSE mailing list > COSE@ietf.org > https://www.ietf.org/mailman/listinfo/cose >
- [COSE] Comments on draft-ietf-cose-hash-sig-01 John Mattsson
- Re: [COSE] Comments on draft-ietf-cose-hash-sig-01 Russ Housley
- Re: [COSE] Comments on draft-ietf-cose-hash-sig-01 John Mattsson
- Re: [COSE] Comments on draft-ietf-cose-hash-sig-01 Russ Housley
- Re: [COSE] Comments on draft-ietf-cose-hash-sig-01 Russ Housley
- Re: [COSE] Comments on draft-ietf-cose-hash-sig-01 Stephen Farrell
- Re: [COSE] Comments on draft-ietf-cose-hash-sig-01 Russ Housley
- Re: [COSE] Comments on draft-ietf-cose-hash-sig-01 Stephen Farrell
- Re: [COSE] Comments on draft-ietf-cose-hash-sig-01 Russ Housley