[pkix] Applied Quantum Resistant Crypto
"Dr. Pala" <director@openca.org> Tue, 17 July 2018 19:35 UTC
Return-Path: <director@openca.org>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65363130E21; Tue, 17 Jul 2018 12:35:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.89
X-Spam-Level:
X-Spam-Status: No, score=-1.89 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_HK_NAME_DR=0.01] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sBSDTfy_Erls; Tue, 17 Jul 2018 12:35:21 -0700 (PDT)
Received: from mail.katezarealty.com (mail.katezarealty.com [104.168.158.213]) by ietfa.amsl.com (Postfix) with ESMTP id B5A2C12F295; Tue, 17 Jul 2018 12:35:20 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mail.katezarealty.com (Postfix) with ESMTP id 6DC393741029; Tue, 17 Jul 2018 19:35:20 +0000 (UTC)
X-Virus-Scanned: amavisd-new at katezarealty.com
Received: from mail.katezarealty.com ([127.0.0.1]) by localhost (mail.katezarealty.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 4EXKXxUMFHuY; Tue, 17 Jul 2018 15:35:06 -0400 (EDT)
Received: from dhcp-8f30.meeting.ietf.org (dhcp-8f30.meeting.ietf.org [31.133.143.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.katezarealty.com (Postfix) with ESMTPSA id 442B93740FF1; Tue, 17 Jul 2018 15:35:06 -0400 (EDT)
To: "saag@ietf.org" <saag@ietf.org>, PKIX <pkix@ietf.org>, "cfrg@irtf.org" <cfrg@irtf.org>
From: "Dr. Pala" <director@openca.org>
Organization: OpenCA Labs
Message-ID: <42efe1a4-0532-dbb0-a21a-10120f6656b3@openca.org>
Date: Tue, 17 Jul 2018 15:35:05 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms010402040602000007050205"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/ofTRcZ_Ue7W7R3NVN98qT5M4-H8>
Subject: [pkix] Applied Quantum Resistant Crypto
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Jul 2018 19:35:26 -0000
Hi all, I was wondering if there are people interested in setting up some sort of discussion forum where to discuss the deployment (from a practical point of view) for QRC in their systems. The intent here would be to share the experiences, provide feedback, and possibly even share implementations/references/etc. Moreover, being this quite a new field when it comes to real-world applications, it would be interesting to understand the new requirements so that we can plan for algorithm agility correctly and not having to go through what we suffered in the past (and in some cases with current protocols) to upgrade/switch among different schemes/algorithms. For example, some of the topics might include: * How to deploy PKI services * Mixed environments considerations (QRC and "Traditional" Crypto) * Mixed environments (stateful vs. stateless) * Encryption and Key-Exchange for QRC - what are the options there (it seems auth is well understood, but other problems are still open)? * Are there implications for the deployment of PKIs we need to be aware of and are not currently mentioned/addressed? * Any real-world deployment out there (or plans for it)? * Algorithm Agility, what to plan for? * Applicability to Revocation Services Most of the activities to standardize QRC in CMS/SecFirmware/etc. that I can see are related to the use of Stateful HASHSIG and I have not seen any "standardization" activities around stateless schemes (e.g., SPHINCS), but if I am wrong, please let me know (and if you could provide some interesting links, that would be great). I think it would be useful to understand how to practically deploy these new schemes and how to refine / provide the building blocks required for their implementation and deployment. Here's some references: Merkle Tree Signatures (Stateful): * https://datatracker.ietf.org/doc/draft-mcgrew-hash-sigs/ * https://datatracker.ietf.org/doc/draft-housley-cms-mts-hash-sig/ * https://www.ietf.org/id/draft-housley-suit-cose-hash-sig-04.txt * https://datatracker.ietf.org/doc/rfc8391/ (XMSS) * https://eprint.iacr.org/2018/063 (Viability of Post Quantum X.509 Certs Paper) * Implementations: o https://github.com/cisco/hash-sigs SPHINCS Related (Stateless): * https://sphincs.org/ * Implementations: o https://sphincs.org/data/sphincs+-reference-implementation-20180313.tar.bz2 Other Relevant Links: * https://datatracker.ietf.org/doc/draft-truskovsky-lamps-pq-hybrid-x509/ * https://csrc.nist.gov/Projects/Post-Quantum-Cryptography * http://test-pqpki.com/ I guess this is all for now - you can reply privately at the following addresses: director@openca.org m.pala@cablelabs.com Thanks, Max -- Best Regards, Massimiliano Pala, Ph.D. OpenCA Labs Director OpenCA Logo
- [pkix] Applied Quantum Resistant Crypto Dr. Pala
- Re: [pkix] [Cfrg] Applied Quantum Resistant Crypto CJ Tjhai
- Re: [pkix] [saag] Applied Quantum Resistant Crypto Diego R. Lopez
- Re: [pkix] Applied Quantum Resistant Crypto Wirth, Klaus-Dieter