On 2019-10-26 12:03, Frank Beuth wrote:
On Sat, Oct 26, 2019 at 02:53:42PM +0800, Jyri Hovila [Turvamies.fi] wrote:
Maybe OpenBSD could profile itself as *the* OS where all crypto-related stuff is handled using post-quantum cryptography?

I don't think OpenBSD wants to "profile itself" as anything.

Are post-quantum algorithms well reviewed and stable enough to be worth
using as defaults for OpenBSD full disk encryption, OpenSSH,
LibreSSL...?

Do you or anyone else have the expertise to implement them?


In no way am I an authority on the subject.  I have been interested in this though and have bought two books on post-quantum cryptography (one is not delivered yet, it will be published in November).  The one book written by DJB has a table on page 16 which I'd like to share:

RSA -> broken, Diffie-Hellman -> broken, Elliptic curve -> broken, Buchmann-Williams -> broken, Algebraic Homomorphic -> broken by quantum systems

This leaves McEliece public key, NTRU public key and Lattice based public keys as unbroken by quantum systems.

All in theory as this book was written in 2010.  I'm opening my eyes though to the quantum threat.

The unbroken systems may have behaviour much different from RSA (as an example) and the OpenSSH code would perhaps need a huge refactoring of the protocol exchange compared to before.

Maybe someone should be sponsored to do the grunt work with some of the donation money that OpenBSD is showered with, or maybe someone will do it for free.  Good luck to all the programmers involved!  One day it will have to be done, let's hope before the break-ins to important hosts.

Regards,

-peter