On 24 Jan 2015 22:06, "Greg" <g...@kinostudios.com> wrote:
>
> So, I understand that QM algos can pretty much dismantle all popular asymmetric encryption algos with enough qubits, but I haven't thought hard enough to see if they also can be used to compromise communications that used DH to do PFS underneath the initial handshake.
>
> Side question: is this the right list to ask this on, or are there other ones I should try? (Is CFRG appropriate? Metzdowd is annoying with its long moderation times...)
Key exchange like DH simplifies PFS but isn't strictly necessary.

A mechanism with temporary public keys, where your main keys only sign the temporary keys, and the temporary keys are used to exchange the nonces from which the session keys are generated (there are presumed quantum-secure public key algorithms!), would be sufficient as well, provided you delete the temporary keys the way the DH secrets are deleted after a regular PFS key exchange.

There are many hash-based signature algorithms, and other types of public key algorithms such as lattice-based ones and many others.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
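The construction the reply sketches (long-term keys that only sign, a fresh temporary public key per session used to move nonces, session key derived from the nonces, temporary secret erased afterwards) as an added worked example. This is not code from the thread or from either poster. It uses a Lamport one-time signature as the hash-based long-term scheme (the simplest member of that family; a real deployment would use a multi-use scheme such as XMSS or SPHINCS+), and a deliberately toy public-key encryption over a tiny group as a stand-in for the "presumed quantum-secure" temporary-key algorithm. That stand-in is neither post-quantum nor secure; it only exists so the exchange runs offline. All names (`Party`, `handshake`, `toy_pke_*`) are this example's own.

```python
"""Forward secrecy from signed temporary public keys instead of DH (added example)."""
import hashlib
import hmac
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# ---- Long-term identity: Lamport one-time hash-based signatures -------------
# A Lamport key pair signs exactly ONE message. Production code would use a
# multi-use hash-based scheme (XMSS, SPHINCS+); only the structure matters here.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def _bits(msg: bytes):
    d = H(msg)
    return [(d[i >> 3] >> (7 - (i & 7))) & 1 for i in range(256)]


def lamport_sign(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[i][b]) for i, (s, b) in enumerate(zip(sig, _bits(msg))))


# ---- Temporary public keys: TOY stand-in for a quantum-secure PKE/KEM -------
# Hashed ElGamal over a 127-bit Mersenne prime. Placeholder only: a 127-bit
# group is breakable classically, and discrete logs fall to Shor anyway.
P = 2**127 - 1
G = 3


def toy_pke_keygen():
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def toy_pke_encrypt(pub: int, nonce: bytes):
    r = secrets.randbelow(P - 2) + 1
    mask = H(pow(pub, r, P).to_bytes(16, "big"))
    return pow(G, r, P), bytes(a ^ b for a, b in zip(nonce, mask))


def toy_pke_decrypt(priv: int, ct) -> bytes:
    c1, c2 = ct
    mask = H(pow(c1, priv, P).to_bytes(16, "big"))
    return bytes(a ^ b for a, b in zip(c2, mask))


# ---- The exchange -------------------------------------------------------------
class Party:
    def __init__(self, name: str):
        self.name = name
        self.ident_sk, self.ident_pk = lamport_keygen()   # long-term: signs only
        self.eph_sk = None                                # erased after handshake
        self.session_key = None

    def offer(self):
        """Fresh temporary public key, signed by the long-term hash-based key."""
        self.eph_sk, eph_pk = toy_pke_keygen()
        pk_bytes = eph_pk.to_bytes(16, "big")
        return pk_bytes, lamport_sign(self.ident_sk, pk_bytes)


def handshake(a: Party, b: Party, tamper: bool = False):
    """Runs the exchange over an imaginary channel; returns both session keys."""
    a_pk, a_sig = a.offer()
    b_pk, b_sig = b.offer()
    if tamper:  # active attacker substitutes their own temporary key for B's
        b_pk = toy_pke_keygen()[1].to_bytes(16, "big")
    # Each side checks the peer's temporary key against the peer's identity key.
    if not (lamport_verify(b.ident_pk, b_pk, b_sig) and lamport_verify(a.ident_pk, a_pk, a_sig)):
        raise ValueError("temporary key not signed by peer identity; abort")
    # Nonces travel encrypted under the temporary keys; session key = KDF(nonces, transcript).
    n_a, n_b = secrets.token_bytes(32), secrets.token_bytes(32)
    ct_to_b = toy_pke_encrypt(int.from_bytes(b_pk, "big"), n_a)
    ct_to_a = toy_pke_encrypt(int.from_bytes(a_pk, "big"), n_b)
    transcript = a_pk + b_pk
    a.session_key = hmac.new(n_a + toy_pke_decrypt(a.eph_sk, ct_to_a), transcript, hashlib.sha256).digest()
    b.session_key = hmac.new(toy_pke_decrypt(b.eph_sk, ct_to_b) + n_b, transcript, hashlib.sha256).digest()
    # Forward secrecy: erase the temporary secrets, exactly as DH secrets are erased.
    # A later compromise yields only the long-term signing key, which never encrypted anything.
    a.eph_sk = b.eph_sk = None
    return a.session_key, b.session_key, (ct_to_a, ct_to_b)


if __name__ == "__main__":
    alice, bob = Party("alice"), Party("bob")
    ka, kb, recorded = handshake(alice, bob)
    print("keys agree:", ka == kb, "| temp secrets erased:", alice.eph_sk is None and bob.eph_sk is None)
```

The property to notice is which key does what: the long-term key is used only for `lamport_sign`, so recording `recorded` now and stealing `ident_sk` later gives an attacker nothing to decrypt with once `eph_sk` has been set to `None`. The toy group is the one piece that must be swapped for a real post-quantum encryption or KEM scheme; the surrounding sign-then-erase structure is unchanged by that swap.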