IETF Logo Mail Archive

Re: [lamps] Proposed re-charter text for hybrid and dual crypto modes

Russ Housley <housley@vigilsec.com> Sat, 30 January 2021 21:14 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EA8C3A1163 for <spasm@ietfa.amsl.com>; Sat, 30 Jan 2021 13:14:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4tBInG_L59lr for <spasm@ietfa.amsl.com>; Sat, 30 Jan 2021 13:13:59 -0800 (PST)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EAAE83A1164 for <spasm@ietf.org>; Sat, 30 Jan 2021 13:13:58 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 55F22300B89 for <spasm@ietf.org>; Sat, 30 Jan 2021 16:13:56 -0500 (EST)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id MJGucp40z58C for <spasm@ietf.org>; Sat, 30 Jan 2021 16:13:55 -0500 (EST)
Received: from a860b60074bd.fios-router.home (pool-141-156-161-153.washdc.fios.verizon.net [141.156.161.153]) by mail.smeinc.net (Postfix) with ESMTPSA id ED025300A4B for <spasm@ietf.org>; Sat, 30 Jan 2021 16:13:54 -0500 (EST)
From: Russ Housley <housley@vigilsec.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.17\))
Date: Sat, 30 Jan 2021 16:13:56 -0500
References: <DM6PR11MB43808FA7D74229A5997965649FBA9@DM6PR11MB4380.namprd11.prod.outlook.com>
To: LAMPS <spasm@ietf.org>
In-Reply-To: <DM6PR11MB43808FA7D74229A5997965649FBA9@DM6PR11MB4380.namprd11.prod.outlook.com>
Message-Id: <E64102E4-AA88-4B87-814A-6C79F6655102@vigilsec.com>
X-Mailer: Apple Mail (2.3445.104.17)
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/REVYUwBci717m7zVfbSIYpv7VKA>
Subject: Re: [lamps] Proposed re-charter text for hybrid and dual crypto modes
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jan 2021 21:14:03 -0000

Building on the text proposed by Mike, I want to address a point raised by Max and a point raised by Sean.

First, Max observed that PQC algorithms will be used in both the one certificate and the two certificate models.  So, I propose charter text that has a place for each of them.

Second, Sean observed that the charter will need some background text to explain what we are doing to the IESG.  So, I propose some charter text for additional context.

Third, the charter is structured as a list of deliverables for the LAMPS WG.  So, I structured the proposed charter text as a new numbered item "X".

~~~

X. Recent progress in the development of quantum computers pose a threat
to widely deployed public key algorithms.  As a result, there is a need
to prepare for a day when cryptosystems such as RSA, Diffie-Hellman,
ECDSA, ECDH, and EdDSA cannot be depended upon.  As a result, there are
efforts to develop standards for post-quantum cryptosystem (PQC)
algorithms that that will be secure if large-scale quantum computers
are ever developed.

a. Specify the use of PQC public key algorithms with the PKIX
certificates and the Cryptographic Message Syntax (CMS).

b. Develop specifications to facilitate a lengthy transition from
today's public key algorithms to PQC public key algorithms.  Unlike
previous algorithm transitions, time will be needed before there is
full confidence in the PQC public key algorithms.  Therefore,
transition mechanisms that combine traditional algorithms with PQC
algorithms will be needed for "hybrid key establishment" and "dual
signatures".  NIST defines "hybrid key establishment" as any key
establishment scheme that is a combination of two or more components
that are themselves cryptographic key-establishment schemes.  NIST
defines "dual signatures" as any signature scheme that consists of
two or more signatures on a common message.  The specifications
developed will enable PKIX and S/MIME protocols to support hybrid key
establishment and dual signature mechanisms.

~~~

Review and comments welcome.

Russ


> On Jan 28, 2021, at 2:27 PM, Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org> wrote:
> 
> Proposed charter text:
> 
> Post-quantum cryptography (PQC) will require a transition period in some ways similar to previous crypto migrations, but unique in that timelines require deployment of PQC before cryptographers have full confidence in the replacement algorithms. NIST has called for transition mechanisms that "layer" traditional and PQ crypto together, referred to as "hybrid key establishment" and "dual signatures". The LAMPS working group will update documents produced by the PKIX and S/MIME WG to support hybrid key establishment, encryption, and dual signature mechanisms.
> 
> ---
> Mike Ounsworth
> Software Security Architect, Entrust

v2.23.0 | Report a Bug | By Email