Re: [pkix] [Cfrg] Applied Quantum Resistant Crypto

CJ Tjhai <cjt@post-quantum.com> Tue, 17 July 2018 20:08 UTC

In-Reply-To: <42efe1a4-0532-dbb0-a21a-10120f6656b3@openca.org>
References: <42efe1a4-0532-dbb0-a21a-10120f6656b3@openca.org>
From: CJ Tjhai <cjt@post-quantum.com>
Date: Tue, 17 Jul 2018 21:08:26 +0100
Message-ID: <CANs=h-V=bx8V_SRFePZHUG=hd-giRb6vtyN6n2NivJB_QqdgVQ@mail.gmail.com>
To: "Dr. Pala" <director@openca.org>
Cc: "saag@ietf.org" <saag@ietf.org>, PKIX <pkix@ietf.org>, "cfrg@irtf.org" <cfrg@irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/KyETCJeX18j5-tFHoMCXU-csfF0>
Subject: Re: [pkix] [Cfrg] Applied Quantum Resistant Crypto

Hi Max,

There is also experimental work on hybrid post-quantum key-exchange for
IKEv2 VPN. The work was done on a fork of strongSwan and it is available
here: https://github.com/post-quantum/strongswan/commits/qske and it works
on Linux, Android and OS X. It relies on the post-quantum libraries that are
available at this repository: https://github.com/post-quantum/nistpqc,
which contains a number of post-quantum algorithms submitted as part of
NIST standardization. Not all submitted algorithms are included, but it's
pretty straightforward to add additional ones.

This experimental work implements version 00 of this IETF draft:
https://datatracker.ietf.org/doc/draft-tjhai-ipsecme-hybrid-qske-ikev2/. We
hope to update the experimental work once the draft is in a more mature
state.

Best regards,
CJ



On 17 July 2018 at 20:35, Dr. Pala <director@openca.org> wrote:

> Hi all,
>
> I was wondering if there are people interested in setting up some sort of
> discussion forum where to discuss the deployment (from a practical point of
> view) for QRC in their systems. The intent here would be to share the
> experiences, provide feedback, and possibly even share
> implementations/references/etc.
>
> Moreover, this being quite a new field when it comes to real-world
> applications, it would be interesting to understand the new requirements so
> that we can plan for algorithm agility correctly and not have to go
> through what we suffered in the past (and in some cases with current
> protocols) to upgrade/switch among different schemes/algorithms.
>
> For example, some of the topics might include:
>
>    - How to deploy PKI services
>    - Mixed environments considerations (QRC and "Traditional" Crypto)
>    - Mixed environments (stateful vs. stateless)
>    - Encryption and Key-Exchange for QRC - what are the options there (it
>    seems auth is well understood, but other problems are still open)?
>    - Are there implications for the deployment of PKIs we need to be
>    aware of and are not currently mentioned/addressed?
>    - Any real-world deployment out there (or plans for it)?
>    - Algorithm Agility, what to plan for?
>    - Applicability to Revocation Services
>
> Most of the activities to standardize QRC in CMS/SecFirmware/etc. that I
> can see are related to the use of Stateful HASHSIG and I have not seen any
> "standardization" activities around stateless schemes (e.g., SPHINCS), but
> if I am wrong, please let me know (and if you could provide some
> interesting links, that would be great). I think it would be useful to
> understand how to practically deploy these new schemes and how to refine /
> provide the building blocks required for their implementation and
> deployment.
>
> Here are some references:
>
> Merkle Tree Signatures (Stateful):
>
>    - https://datatracker.ietf.org/doc/draft-mcgrew-hash-sigs/
>    - https://datatracker.ietf.org/doc/draft-housley-cms-mts-hash-sig/
>    - https://www.ietf.org/id/draft-housley-suit-cose-hash-sig-04.txt
>    - https://datatracker.ietf.org/doc/rfc8391/ (XMSS)
>    - https://eprint.iacr.org/2018/063 (Viability of Post Quantum X.509
>    Certs Paper)
>
>    - Implementations:
>       - https://github.com/cisco/hash-sigs
>
> SPHINCS Related (Stateless):
>
>    - https://sphincs.org/
>
>    - Implementations:
>       - https://sphincs.org/data/sphincs+-reference-implementation-20180313.tar.bz2
>
> Other Relevant Links:
>
>    - https://datatracker.ietf.org/doc/draft-truskovsky-lamps-pq-hybrid-x509/
>    - https://csrc.nist.gov/Projects/Post-Quantum-Cryptography
>    - http://test-pqpki.com/
>
> I guess this is all for now - you can reply privately at the following
> addresses:
>
>     director@openca.org
>     m.pala@cablelabs.com
>
> Thanks,
> Max
> --
> Best Regards,
> Massimiliano Pala, Ph.D.
> OpenCA Labs Director