Re: [Secdispatch] [EXTERNAL]Re: Can Composite sigs move back to LAMPS?

John Gray <John.Gray@entrustdatacard.com> Fri, 17 January 2020 18:16 UTC

From: John Gray <John.Gray@entrustdatacard.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "Markku-Juhani O. Saarinen" <mjos@pqshield.com>, IETF SecDispatch <secdispatch@ietf.org>
CC: Daniel Van Geest <Daniel.VanGeest@isara.com>, Mike Ounsworth <Mike.Ounsworth@entrustdatacard.com>
Date: Fri, 17 Jan 2020 18:15:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/6Ux3w2k5hB6sz88PQz62ZeMmGe8>
Subject: Re: [Secdispatch] [EXTERNAL]Re: Can Composite sigs move back to LAMPS?

Hi Stephen,

The reason why we are putting together this composite standard is because we believe we are in this position today. If NIST decides no Round 3 is needed, then we will know the PQ winners by June of this year. Even if there is a Round 3, and no final set of PQ algorithms is declared until 2021 or 2022, we want to have a hybrid standard ready for us to use. We will need to implement, test, and interop, and all these things take time and have to be done after there is a standard. If we wait too long, it will be a free-for-all.

There are already a small handful of stable PQ algorithms available to use today. See RFC 8391 (XMSS) and RFC 8554 (LMS), so using a hybrid RSA or EC with XMSS or LMS in a composite form is already viable. The choices are definitely few at this moment, but there are viable use cases. We want to give our customers peace of mind and transition to a post-quantum world. This standard will address customer anxiety and bridge the gap to a stable post-quantum world. It addresses the quantum threat versus algorithm scrutiny.

Cheers,

John Gray
Software Architect, Entrust Datacard

-----Original Message-----
From: Secdispatch [mailto:secdispatch-bounces@ietf.org] On Behalf Of Stephen Farrell
Sent: Friday, January 17, 2020 7:30 AM
To: Markku-Juhani O. Saarinen <mjos@pqshield.com>
Cc: Daniel Van Geest <Daniel.VanGeest@isara.com>; IETF SecDispatch <secdispatch@ietf.org>; Mike Ounsworth <Mike.Ounsworth@entrustdatacard.com>
Subject: [EXTERNAL]Re: [Secdispatch] Can Composite sigs move back to LAMPS?



On 17/01/2020 12:22, Markku-Juhani O. Saarinen wrote:
> On Fri, Jan 17, 2020 at 12:11 PM Stephen Farrell 
> <stephen.farrell@cs.tcd.ie>
> wrote:
> 
>>
>> My conclusion is that this stuff could only really be useful
>> enough to justify the costs if we have PQ signature schemes that are 
>> considered stable enough to deploy but where we don't yet fully trust 
>> the algorithms to the point where we'd be happy to depend solely on 
>> those new algorithms.
> 
> 
> Thanks for your support. That is exactly where we are

I hope it's clear I disagree with you - IMO the conditions above are not satisfied today and I do not support adopting such work at this time. Were I to guess and be optimistic it might be worth re-considering the topic in a year or so.

S.

> and what the stated
> purpose of draft-ounsworth-pq-composite-sigs-02 is.
> 
> Cheers,
> - markku
> 
> Dr. Markku-Juhani O. Saarinen <mjos@pqshield.com> PQShield, Oxford UK.