IETF Logo Mail Archive

Re: [jose] Support PQC in JOSE

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 01 February 2016 15:37 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91C311ACEB0 for <jose@ietfa.amsl.com>; Mon, 1 Feb 2016 07:37:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.847
X-Spam-Level:
X-Spam-Status: No, score=-1.847 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FRT_ADOBE2=2.455, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kllxwCOWQO8t for <jose@ietfa.amsl.com>; Mon, 1 Feb 2016 07:37:03 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D7091ACEB2 for <jose@ietf.org>; Mon, 1 Feb 2016 07:37:03 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id AB8E3BE7D; Mon, 1 Feb 2016 15:37:01 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a4Puyol0LUNf; Mon, 1 Feb 2016 15:37:01 +0000 (GMT)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 3451ABE7C; Mon, 1 Feb 2016 15:37:01 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1454341021; bh=bk5O28k0n54KFvWgiDQTdBNib8lRxiS0fViiKQVwJAo=; h=Subject:To:References:From:Date:In-Reply-To:From; b=LSP9pNYmFNOrWPe4o9iMoYofW3zvKwj2sGAfjmhvrdt0s62vbieE9HyGxRR+3Kg9p JHBkudURvkkYcDRodx0gWZYb0I8Tj3DVySylYPfK+rpb7fFNxR9DcYngeV5fTwrouI TPEc+gV/nx8uuIs+QZl2Ibp75Q/uSuC8n4bzFA6w=
To: Antonio Sanso <asanso@adobe.com>, "jose@ietf.org" <jose@ietf.org>
References: <69E1ACAC-AAEE-49D8-953F-FAE3649EB3D2@adobe.com> <30A36E2A-2263-4F5A-A093-3D54B3842E8F@adobe.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56AF7B9D.5020807@cs.tcd.ie>
Date: Mon, 01 Feb 2016 15:37:01 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <30A36E2A-2263-4F5A-A093-3D54B3842E8F@adobe.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/V7SRvQM4lKHoJdGUwVO6jUTA8Nk>
Subject: Re: [jose] Support PQC in JOSE
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Feb 2016 15:37:05 -0000

The IRTF's CFRG [1] are at the beginning of considering PQC
so I'd say discussion would be much better off there and not
(yet) in the IETF. IMO none of the PQC schemes are ready for
prime-time right now, so CFRG is a much better venue.

Cheers,
S.

[1] https://irtf.org/cfrg

On 01/02/16 09:50, Antonio Sanso wrote:
> ops it look like I kind of fat fingered , meant 
> 
> A quantum computer will break totally this (thanks to Shor's algorithm).
> 
> On Feb 1, 2016, at 10:27 AM, Antonio Sanso <asanso@adobe.com> wrote:
> 
>> hi *,
>>
>> I know that this might sounds a bit crazy but I think that is time to kind of think about Post Quantum Cryptography (and JOSE should not be left out).
>> But let me rewind a bit. 
>> According to the last research (done from IBM et al) and NSA suggestions, having a quantum computer is “only” 8/15 years from now (maybe earlier)
>> Taking as example JWS it support RSA signature. A quantum computer will break computer will break totally this (thanks to Show algorithms).
>> Thinking about start to expand JWS specification to use some of the PQC is not so inimmaginable IMHO.
>> For example having JWS supporting Hash based signatures would be a great move (always IMHO :)) for JOSE and JWS. 
>>
>> WDYT?
>>
>> antonio
>>
>> P.S. a great post about Hash based signatures and Merkle tree is at https://www.imperialviolet.org/2013/07/18/hashsig.html
>> _______________________________________________
>> jose mailing list
>> jose@ietf.org
>> https://www.ietf.org/mailman/listinfo/jose
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>

v2.23.0 | Report a Bug | By Email