Re: [saag] A way to bootstrap post Quantum key distribution.
Vadym Fedyukovych <vf@unity.net> Tue, 12 March 2019 17:19 UTC
Return-Path: <vf@unity.net>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 946051311B7 for <saag@ietfa.amsl.com>; Tue, 12 Mar 2019 10:19:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xZGFAzgyOp_i for <saag@ietfa.amsl.com>; Tue, 12 Mar 2019 10:19:42 -0700 (PDT)
Received: from vc.unity.net (tr.unity.net [195.24.140.242]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F1991311B2 for <saag@ietf.org>; Tue, 12 Mar 2019 10:19:42 -0700 (PDT)
Received: from vf by vc.unity.net with local (Exim 4.80) (envelope-from <vf@unity.net>) id 1h3l3z-0006s1-7b; Tue, 12 Mar 2019 19:19:39 +0200
Date: Tue, 12 Mar 2019 19:19:39 +0200
From: Vadym Fedyukovych <vf@unity.net>
To: saag@ietf.org
Message-ID: <20190312171939.GA30403@vc.unity.net>
References: <CAMm+LwhVk8pUNF6jjavbhceGc3CD0c_-Sq-RzoW7PTKgzQ+YMQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="koi8-r"
Content-Disposition: inline
In-Reply-To: <CAMm+LwhVk8pUNF6jjavbhceGc3CD0c_-Sq-RzoW7PTKgzQ+YMQ@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: vf@unity.net
X-SA-Exim-Scanned: No (on vc.unity.net); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/m9JuqdZVbqyi2hK1iyYnHof8Nvk>
Subject: Re: [saag] A way to bootstrap post Quantum key distribution.
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2019 17:19:45 -0000
> ..we have no post quantum public key algorithm for > encryption. .. This is a strong statement, and no argument was given in favor of it. ElGamal encryption is the well-known one that can be instantiated with modular multiplication and elliptic curve groups. Supersingular isogeny key exchange (sike.org) is a post-quantum candidate DH-like protocol, with no fast quantum attack known today. To connect the dots, ElGamal is essentially a key exchange with public key of the message recipient and one-time key of the sender. On Tue, Mar 05, 2019 at 10:57:00AM -0500, Phillip Hallam-Baker wrote: > Let us say for the sake of argument someone managed to build a working > computer capable of breaking RSA and released it this week. What would we > do? > > As things stand, we have no post quantum public key algorithm for > encryption. We have hash signatures of course but the only scheme we need > for encryption is Kerberos. And we would need some means of bootstrap. > > [Yes, CAs become KDCs, uggggly. If you have a better plan, put it on the > table.] > > One of the schemes I have developed as part of my UDF project is an > encryption key presented as a QR code that is used to form a locator. It > occurred to me that this scheme could be used to bootstrap a kerberos > scheme by using the postal mail as out of band key distribution. > > The spec is submitted as an internet draft of course but it is much easier > to read in the HTML format as the superscripts and such are preserved in > the math: > > http://mathmesh.com/Documents/draft-hallambaker-mesh-udf.html > > > This is not what I designed the scheme for of course. The original > application was to enable people to pay bills by putting a QR code on the > paper invoice. The real point of electronic bill payment being to encourage > prompt payment rather than to save the postage (though the QR code version > could bootstrap that as well). > > It seems to me that it is more likely governments will fund research into > disaster preparation schemes lest quantum happen than the bill payment > application. But encouraging use of the Encrypted QR Codes would serve > disaster prep as well as payment. > > The scheme is unencumbered as far as I am aware. I discussed the idea with > people as far back as when I was with W3C. It wasn't interesting then as we > didn't all carry barcode scanners with us all the time in those days. > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag
- [saag] A way to bootstrap post Quantum key distri… Phillip Hallam-Baker
- Re: [saag] A way to bootstrap post Quantum key di… Vadym Fedyukovych