Re: [jose] Support PQC in JOSE

Anders Rundgren <anders.rundgren.net@gmail.com> Mon, 01 February 2016 15:24 UTC

To: Antonio Sanso <asanso@adobe.com>, "jose@ietf.org" <jose@ietf.org>
References: <69E1ACAC-AAEE-49D8-953F-FAE3649EB3D2@adobe.com>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <56AF789C.4050302@gmail.com>
Date: Mon, 01 Feb 2016 16:24:12 +0100
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/RASkNJ8_BMKCKAJu8tAu9OG0xJw>

On 2016-02-01 10:27, Antonio Sanso wrote:
> hi *,
>
> I know that this might sound a bit crazy but I think that it is time to kind of think about Post Quantum Cryptography (and JOSE should not be left out).
> But let me rewind a bit.
>   According to the last research (done by IBM et al) and NSA suggestions, having a quantum computer is “only” 8/15 years from now (maybe earlier)
> Taking as example JWS, it supports RSA signatures. A quantum computer will totally break this (thanks to Shor's algorithm).
> Thinking about starting to expand the JWS specification to use some of the PQC is not so unimaginable IMHO.
>   For example having JWS supporting Hash based signatures would be a great move (always IMHO :)) for JOSE and JWS.
>
> WDYT?

I'm a complete n00b when it comes to PQC but if the scheme you suggested
https://en.wikipedia.org/wiki/Merkle_signature_scheme
is considered useful, it shouldn't be particularly difficult to implement.

If I interpret this correctly, you would have to regenerate signature keys
quite frequently which requires a specific infrastructure to work.  OTOH,
short-lived keys are actually quite handy in more traditional systems as well
so this is definitely worth investigating.

Clear text signature schemes like JCS should be ideally suited for PQC since
signature data seems to become the major part of a signed object.

Anders


>
> antonio
>
> P.S. a great post about Hash based signatures and Merkle tree is at https://www.imperialviolet.org/2013/07/18/hashsig.html
>
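
The Merkle signature scheme linked above, as an added sketch that is not part of the original thread: a toy signer built from Lamport one-time keys under a Merkle tree, showing the two properties the reply mentions, a key pair that runs out of one-time keys and a signature far larger than the payload. The class and function names, the use of SHA-256, and the tree height are assumptions chosen for illustration.

```python
import hashlib, os

def H(b): return hashlib.sha256(b).digest()

def bits(msg):  # 256 message-digest bits, MSB first
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def leaf_hash(pk):  # a Merkle leaf is the hash of one Lamport public key
    return H(b"".join(a + b for a, b in pk))

class MerkleSigner:
    """Toy Merkle tree over 2**height Lamport keys (no domain separation, not for production)."""
    def __init__(self, height):
        self.sks = [[(os.urandom(32), os.urandom(32)) for _ in range(256)] for _ in range(2 ** height)]
        self.pks = [[(H(a), H(b)) for a, b in sk] for sk in self.sks]
        self.levels = [[leaf_hash(pk) for pk in self.pks]]
        while len(self.levels[-1]) > 1:
            row = self.levels[-1]
            self.levels.append([H(row[i] + row[i + 1]) for i in range(0, len(row), 2)])
        self.root, self.next_leaf = self.levels[-1][0], 0  # root is the long-term public key

    def sign(self, msg):
        if self.next_leaf >= len(self.sks):  # each leaf may sign exactly one message
            raise RuntimeError("one-time keys exhausted; a new key pair is required")
        idx, b = self.next_leaf, bits(msg)
        self.next_leaf += 1
        reveal = [self.sks[idx][i][b[i]] for i in range(256)]      # secret halves selected by msg bits
        other = [self.pks[idx][i][1 - b[i]] for i in range(256)]   # public halves for the unrevealed side
        path, n = [], idx
        for row in self.levels[:-1]:  # sibling hashes from leaf up to the root
            path.append(row[n ^ 1])
            n >>= 1
        return {"idx": idx, "reveal": reveal, "other": other, "path": path}

def verify(root, msg, sig):
    b, pk = bits(msg), []
    for i in range(256):  # rebuild the Lamport public key from the signature
        pair = [None, None]
        pair[b[i]], pair[1 - b[i]] = H(sig["reveal"][i]), sig["other"][i]
        pk.append(pair)
    node, n = leaf_hash(pk), sig["idx"]
    for sib in sig["path"]:
        node = H(node + sib) if n % 2 == 0 else H(sib + node)
        n >>= 1
    return node == root

def sig_size(sig):  # bytes of hash material carried per signature
    return 32 * (len(sig["reveal"]) + len(sig["other"]) + len(sig["path"]))
```

With height 2 the key signs four messages and then refuses, and each signature carries 16,448 bytes of hash material regardless of how small the payload is.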