Re: [Pqc] Mapping the state of PQC and IETF - ssh
"Kampanakis, Panos" <kpanos@amazon.com> Wed, 01 March 2023 16:24 UTC
Return-Path: <prvs=41718d255=kpanos@amazon.com>
X-Original-To: pqc@ietfa.amsl.com
Delivered-To: pqc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 52792C151545 for <pqc@ietfa.amsl.com>; Wed, 1 Mar 2023 08:24:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.9
X-Spam-Level:
X-Spam-Status: No, score=-11.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazon.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xQw9zhzhwO3y for <pqc@ietfa.amsl.com>; Wed, 1 Mar 2023 08:24:57 -0800 (PST)
Received: from smtp-fw-6001.amazon.com (smtp-fw-6001.amazon.com [52.95.48.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77B61C14CEFC for <pqc@ietf.org>; Wed, 1 Mar 2023 08:24:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1677687898; x=1709223898; h=from:to:cc:date:message-id:references:in-reply-to: mime-version:subject; bh=9hfh453l9+O77vLGQ1uXWR4bsWOYTciWrVCUvLPwPko=; b=m406I5do61Po7sYsZCHmDvLR3o0/0VU+AtpWiktssmJbizyJLlRNbI/0 wLGlYFFt5oaG/YNG8Elx5LISl6i/075IiCnF6R3JU8nYGNpXWgjuMeHDI m0uxUZwAd1PihsWLPOSNIgOVm3NDqFGSGPBgWXuFgheT1rJExCgFIgY8I k=;
X-IronPort-AV: E=Sophos;i="5.98,225,1673913600"; d="scan'208,217";a="304357439"
Thread-Topic: [Pqc] Mapping the state of PQC and IETF - ssh
Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-pdx-2a-m6i4x-21d8d9f4.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-6001.iad6.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Mar 2023 16:24:54 +0000
Received: from EX13MTAUWB002.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2a-m6i4x-21d8d9f4.us-west-2.amazon.com (Postfix) with ESMTPS id D5BA581CEF; Wed, 1 Mar 2023 16:24:52 +0000 (UTC)
Received: from EX19D001ANA001.ant.amazon.com (10.37.240.156) by EX13MTAUWB002.ant.amazon.com (10.43.161.202) with Microsoft SMTP Server (TLS) id 15.0.1497.45; Wed, 1 Mar 2023 16:24:52 +0000
Received: from EX19D001ANA001.ant.amazon.com (10.37.240.156) by EX19D001ANA001.ant.amazon.com (10.37.240.156) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.24; Wed, 1 Mar 2023 16:24:51 +0000
Received: from EX19D001ANA001.ant.amazon.com ([fe80::4f78:75cd:3117:8055]) by EX19D001ANA001.ant.amazon.com ([fe80::4f78:75cd:3117:8055%5]) with mapi id 15.02.1118.024; Wed, 1 Mar 2023 16:24:51 +0000
From: "Kampanakis, Panos" <kpanos@amazon.com>
To: Bas Westerbaan <bas=40cloudflare.com@dmarc.ietf.org>
CC: "pqc@ietf.org" <pqc@ietf.org>
Thread-Index: AQHZTFEM5QFZ+qtCCkuhKdBAufrIy67mDtNg
Date: Wed, 01 Mar 2023 16:24:50 +0000
Message-ID: <0001a8f270d044788a84bae1e31c6262@amazon.com>
References: <667bd090-1a3e-82d0-f663-8950fcd6dd38@riseup.net> <CH0PR11MB5739F3AA7FB5C3E808B1699A9FAC9@CH0PR11MB5739.namprd11.prod.outlook.com> <CH0PR11MB5739D19B472801B58D70900B9FAC9@CH0PR11MB5739.namprd11.prod.outlook.com> <dcbfda5a-3bda-ce06-129e-93b9a164bd86@gmail.com> <28c503bff662497381ac87063106ce96@amazon.com> <CAMjbhoWT2Xf_+FCE8cPsHT80+D=AzFgWXLJUanQuuJYuMPqD_A@mail.gmail.com>
In-Reply-To: <CAMjbhoWT2Xf_+FCE8cPsHT80+D=AzFgWXLJUanQuuJYuMPqD_A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.37.240.172]
Content-Type: multipart/alternative; boundary="_000_0001a8f270d044788a84bae1e31c6262amazoncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/pqc/5vkNRrOXtaam_TXqC4-x3TJnBpc>
Subject: Re: [Pqc] Mapping the state of PQC and IETF - ssh
X-BeenThere: pqc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Post Quantum Cryptography discussion list <pqc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pqc>, <mailto:pqc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pqc/>
List-Post: <mailto:pqc@ietf.org>
List-Help: <mailto:pqc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pqc>, <mailto:pqc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Mar 2023 16:24:58 -0000
Hi Bas, True, but we need a few years until a module will be able to validate its Kyber implementation. Someone needing quantum-safe FIPS compliance today could just do P256+Kyber. From: Pqc <pqc-bounces@ietf.org> On Behalf Of Bas Westerbaan Sent: Wednesday, March 1, 2023 10:17 AM To: Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org> Cc: Alexandre Petrescu <alexandre.petrescu@gmail.com>; pqc@ietf.org Subject: RE: [EXTERNAL][Pqc] Mapping the state of PQC and IETF - ssh CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. OpenSSH currently does not support ECDH+PQ for "quantum-safe FIPS" compliance. Once NIST puts the bow on Kyber, Kyber+Anything, eg, Kyber+x25519 will be FIPS. Best, Bas
- [Pqc] Mapping the state of PQC and IETF Sofía Celi
- Re: [Pqc] [Ext] Mapping the state of PQC and IETF Paul Hoffman
- Re: [Pqc] [Ext] Mapping the state of PQC and IETF Alexandre Petrescu
- Re: [Pqc] [Ext] Mapping the state of PQC and IETF Behcet Sarikaya
- Re: [Pqc] Mapping the state of PQC and IETF Rebecca Guthrie
- Re: [Pqc] [Ext] Mapping the state of PQC and IETF Paul Hoffman
- Re: [Pqc] Mapping the state of PQC and IETF John Gray
- Re: [Pqc] [EXTERNAL] Mapping the state of PQC and… Mike Ounsworth
- Re: [Pqc] [EXTERNAL] Mapping the state of PQC and… Mike Ounsworth
- Re: [Pqc] [Ext] [EXTERNAL] Mapping the state of P… Paul Hoffman
- Re: [Pqc] [EXTERNAL] Mapping the state of PQC and… Hannes Tschofenig
- Re: [Pqc] Mapping the state of PQC and IETF Kampanakis, Panos
- Re: [Pqc] Mapping the state of PQC and IETF Hannes Tschofenig
- Re: [Pqc] [EXTERNAL] Mapping the state of PQC and… Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Kampanakis, Panos
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Bas Westerbaan
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Kampanakis, Panos
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Behcet Sarikaya
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Bas Westerbaan
- Re: [Pqc] Mapping the state of PQC and IETF Sofía Celi
- Re: [Pqc] [Ext] [EXTERNAL] Mapping the state of P… Sofía Celi
- Re: [Pqc] Mapping the state of PQC and IETF Sofía Celi
- Re: [Pqc] [Ext] [EXTERNAL] Mapping the state of P… Mike Ounsworth
- Re: [Pqc] Mapping the state of PQC and IETF - ssh D. J. Bernstein
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Eric Rescorla
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh D. J. Bernstein
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh D. J. Bernstein
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Blumenthal, Uri - 0553 - MITLL
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Thom Wiggers
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Thom Wiggers
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Behcet Sarikaya
- Re: [Pqc] Mapping the state of PQC and IETF - ssh Alexandre Petrescu