[saag] A way to bootstrap post Quantum key distribution.
Phillip Hallam-Baker <phill@hallambaker.com> Tue, 05 March 2019 15:57 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02027130F97; Tue, 5 Mar 2019 07:57:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.879
X-Spam-Level:
X-Spam-Status: No, score=-1.879 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.018, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I6Abn_DC4g2C; Tue, 5 Mar 2019 07:57:10 -0800 (PST)
Received: from mail-ot1-f44.google.com (mail-ot1-f44.google.com [209.85.210.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88E33130F70; Tue, 5 Mar 2019 07:57:10 -0800 (PST)
Received: by mail-ot1-f44.google.com with SMTP id m1so7827793otf.5; Tue, 05 Mar 2019 07:57:10 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=GdfHS9xwZOtBFRPCZAhX2Uu6gwt07uCPT2f8Tcd7XkE=; b=Xz79b9tNfwBre0ZSmwkKKxpf6HvU/9PNDGrE9EQgUSmeZQ1cofJHmVm1Lp1KYyidn1 lukW8ALYnqoWkz0j100sJmgDygMbVddZO6J6ONKZxiduloFmav07zu3hue3cK/06ljmB zTmOsOx5rK1lyNY57XyIR8m5JFac0M1Vx+Owyf8bol2iBmiyptGOJaT/bOXh7wlQVw1a +8v0DptYU6u5OeJ2TFG1id0eNaxFQvJaz4EkvlYxbatkO5lUk9wJDyI+jk7c8nv2zjwW XD+NdrNmYHEm4619YUG7oFfHjdpiUcY6qHVM1J+T/ksjLwO4YbqYkEBMvJTGWcclM/8F q+8w==
X-Gm-Message-State: APjAAAW7WvG4+8a8nAmMV+dU3GQaC9lM3nqOGSzNkZgTmn6TzUQudrbC jPSxACLRrmQqiqDQvCjodsF3DpYolAVVHSZRAxt2LuHb
X-Google-Smtp-Source: APXvYqxblFjsCrMykdEjLZDZklxkuiU2GL0Qnp921TfkyZgheOtXo+vCBOLlA01AlOEzR9Zl0rdi3hS80PiCjavxK8I=
X-Received: by 2002:a9d:12cb:: with SMTP id g69mr1387959otg.150.1551801428668; Tue, 05 Mar 2019 07:57:08 -0800 (PST)
MIME-Version: 1.0
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Tue, 05 Mar 2019 10:57:00 -0500
Message-ID: <CAMm+LwhVk8pUNF6jjavbhceGc3CD0c_-Sq-RzoW7PTKgzQ+YMQ@mail.gmail.com>
To: saag@ietf.org, secdispatch@ietf.org
Content-Type: multipart/alternative; boundary="000000000000eaf76b05835aece8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/3oDDKoqKTX6DzCYxobqkuaLxyoE>
Subject: [saag] A way to bootstrap post Quantum key distribution.
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Mar 2019 15:57:14 -0000
Let us say for the sake of argument someone managed to build a working computer capable of breaking RSA and released it this week. What would we do? As things stand, we have no post quantum public key algorithm for encryption. We have hash signatures of course but the only scheme we need for encryption is Kerberos. And we would need some means of bootstrap. [Yes, CAs become KDCs, uggggly. If you have a better plan, put it on the table.] One of the schemes I have developed as part of my UDF project is an encryption key presented as a QR code that is used to form a locator. It occurred to me that this scheme could be used to bootstrap a kerberos scheme by using the postal mail as out of band key distribution. The spec is submitted as an internet draft of course but it is much easier to read in the HTML format as the superscripts and such are preserved in the math: http://mathmesh.com/Documents/draft-hallambaker-mesh-udf.html This is not what I designed the scheme for of course. The original application was to enable people to pay bills by putting a QR code on the paper invoice. The real point of electronic bill payment being to encourage prompt payment rather than to save the postage (though the QR code version could bootstrap that as well). It seems to me that it is more likely governments will fund research into disaster preparation schemes lest quantum happen than the bill payment application. But encouraging use of the Encrypted QR Codes would serve disaster prep as well as payment. The scheme is unencumbered as far as I am aware. I discussed the idea with people as far back as when I was with W3C. It wasn't interesting then as we didn't all carry barcode scanners with us all the time in those days.
- [saag] A way to bootstrap post Quantum key distri… Phillip Hallam-Baker
- Re: [saag] A way to bootstrap post Quantum key di… Vadym Fedyukovych