[Qirg] Other Security-Related Activities related to Quantum Computing...

"Dr. Pala" <madwolf@openca.org> Tue, 26 March 2019 18:16 UTC

From: "Dr. Pala" <madwolf@openca.org>
To: qirg@irtf.org
Message-ID: <d67821a9-6125-e562-ba7a-829a8ef091bf@openca.org>
Date: Tue, 26 Mar 2019 19:16:46 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/qirg/9f6qCSzPkz3fp8Gw-uvTSX6Odgo>
Subject: [Qirg] Other Security-Related Activities related to Quantum Computing...

Hi QIRG,

I just wanted to provide a very short summary of some of the efforts 
that are going on, today, and that are aimed at mitigating the 
(possible) factorization threats for "classic" algorithms in 
cryptography. The work is not focused on the use of Quantum-Based 
techniques, but to provide a way to protect our trust infrastructures 
(PKIs) today and in the long run. In a nutshell, we are working on two 
different time-horizons.

*For the short-term solution*, the use of PSKs mixed with PublicKey 
cryptography provides the possibility to secure data today that is 
"quantum-resistant". This leaves the distribution of the PSK quite an 
open problem that might be solved with QKD where possible/available.

*For the long term*, there are two different activities going on right now.

/The first activity/ is about selecting the set of algorithms that can 
be proven to be secure in a post quantum-computing world. Hash-based 
signatures have already been standardized, however other schemes that 
can provide different characteristics (e.g., encryption, key exchange, 
etc.). Although the process has been going on for a while, it will take 
several more years to identify the best ones.

/The second activity/ (for the long run) is how to provide hybrid 
infrastructures that can use "traditional" and "quantum-resistant" 
cryptography together. The approach is meant to provide (a) backward 
compatibility (as much as possible) for devices that, today, do not 
understand the new algorithms, (b) provide protection for high-value 
targets (e.g., Root and Intermediate CAs), and (c) integrate the use of 
the hybrid approach to protect all parts of a PKI: /not only 
certificates but also revocation information and provisioning services/.

I know this is orthogonal with the work that the group has focused on so 
far (nothing to do with transmitting (q)-bits on the fiber or 
networking), however I think it might be useful for people on the list 
to have an overview of other quantum-related activities from the 
security area.

/*Last but not least, I want to thank you again for the organization of the 
workshop - unfortunately I could attend only the first half because of 
conflicts, but I really liked the lecture and I wanted to thank again 
everybody!*/

Cheers,
Max

-- 
Best Regards,
Massimiliano Pala, Ph.D.
OpenCA Labs Director