Re: [tor-talk] Post Quantum Tor

[Kevin Burress]

Right well I suppose I can see this as a system of routing anonymously to a
key. I was just wondering about using tor ostensibly as a network interface
module and I suppose it could be compiled as a library elf and other
applications can be made for working with certain aspects of tor and
passing structures through ipc.

On Tue, May 29, 2018, 1:51 PM grarpamp  wrote:

> >> was just looking at BGP routing over tor. I'm not sure how to do that
> with
> >> the current implementation over hidden service. I'm having a hard time
> >> working out how to use it as layer 2 and encapsulate things over the
> >> network from one hidden service to another.
> >
> > This is because Tor only provides proxying and exit services at the
> > transit layer.  You can't route arbitrary IP packets over Tor, and
> > so you can't, for example, ping or traceroute over Tor.
> >
> > https://www.torproject.org/docs/faq.html.en#TransportIPnotTCP
> >
> > Hidden services, for their part, don't even identify destinations with
> > IP addresses, so there's no prospect of using IP routing protocols to
> > describe routes to them.
>
> There are ways to do that...
>
> https://www.onioncat.org/
> https://github.com/david415/onionvpn
>
> https://www.youtube.com/watch?v=Zj4hSx6cW80
> https://itsecx.fhstp.ac.at/wp-content/uploads/2014/11/FischerOnionCat.pdf
>
> https://trac.torproject.org/projects/tor/search?q=onioncat=1=on=on
>
> https://trac.torproject.org/projects/tor/search?q=onionvpn=1=on=on
> https://www.youtube.com/watch?v=rx4rS1gvp7Y
> https://www.youtube.com/watch?v=ByRkUowW7UY
> https://www.youtube.com/watch?v=RFHD6rKX3LI
>
> Yes if you changed the /48, played with NAT, and/or added router
> services...
> you could also interface onions end to end with clearnet and things
> like CJDNS / Hyperboria if you wanted to.
>
> > There have been projects to try to make a router that would automatically
> > proxy all TCP traffic to send it through Tor by default.
>
> Packet filters, tails, whonix, tor-ramdisk, etc do essentially this
> all the time.
>
> > that they were supposed to remove linkable identifiers and behaviors.
>
> > send cookies from non-Tor sessions
>
> > continue to be highly fingerprintable.
>
> Then don't do those things.
> They're user issues, not issues of whatever anonymous overlay.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[grarpamp]

>> was just looking at BGP routing over tor. I'm not sure how to do that with
>> the current implementation over hidden service. I'm having a hard time
>> working out how to use it as layer 2 and encapsulate things over the
>> network from one hidden service to another.
>
> This is because Tor only provides proxying and exit services at the
> transit layer.  You can't route arbitrary IP packets over Tor, and
> so you can't, for example, ping or traceroute over Tor.
>
> https://www.torproject.org/docs/faq.html.en#TransportIPnotTCP
>
> Hidden services, for their part, don't even identify destinations with
> IP addresses, so there's no prospect of using IP routing protocols to
> describe routes to them.

There are ways to do that...

https://www.onioncat.org/
https://github.com/david415/onionvpn

https://www.youtube.com/watch?v=Zj4hSx6cW80
https://itsecx.fhstp.ac.at/wp-content/uploads/2014/11/FischerOnionCat.pdf
https://trac.torproject.org/projects/tor/search?q=onioncat=1=on=on
https://trac.torproject.org/projects/tor/search?q=onionvpn=1=on=on
https://www.youtube.com/watch?v=rx4rS1gvp7Y
https://www.youtube.com/watch?v=ByRkUowW7UY
https://www.youtube.com/watch?v=RFHD6rKX3LI

Yes if you changed the /48, played with NAT, and/or added router services...
you could also interface onions end to end with clearnet and things
like CJDNS / Hyperboria if you wanted to.

> There have been projects to try to make a router that would automatically
> proxy all TCP traffic to send it through Tor by default.

Packet filters, tails, whonix, tor-ramdisk, etc do essentially this
all the time.

> that they were supposed to remove linkable identifiers and behaviors.

> send cookies from non-Tor sessions

> continue to be highly fingerprintable.

Then don't do those things.
They're user issues, not issues of whatever anonymous overlay.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Seth David Schoen]

Kevin Burress writes:

> honestly, ideally it would be a lot easier to do things with tor if it
> actually internally followed the unix philosophy and the layers of service
> could be used as a part of the linux system and modular use of the parts. I
> was just looking at BGP routing over tor. I'm not sure how to do that with
> the current implementation over hidden service. I'm having a hard time
> working out how to use it as layer 2 and encapsulate things over the
> network from one hidden service to another.

This is because Tor only provides proxying and exit services at the
transit layer.  You can't route arbitrary IP packets over Tor, and
so you can't, for example, ping or traceroute over Tor.

https://www.torproject.org/docs/faq.html.en#TransportIPnotTCP

Hidden services, for their part, don't even identify destinations with
IP addresses, so there's no prospect of using IP routing protocols to
describe routes to them.

There have been projects to try to make a router that would automatically
proxy all TCP traffic to send it through Tor by default.  (This would
require writing custom code, not just using existing routing tools, again
because Tor only operates at the TCP layer.)  I was excited about this
idea several years ago until the Tor maintainers reminded me that it would
expose lots of linkable traffic from applications that didn't realize
that they were supposed to remove linkable identifiers and behaviors.
For example, browsers that didn't realize they were running over Tor
would continue to send cookies from non-Tor sessions, and they would
continue to be highly fingerprintable.

-- 
Seth Schoen  
Senior Staff Technologist   https://www.eff.org/
Electronic Frontier Foundation  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109   +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Lara]

On May 28, 2018 10:06:05 PM UTC, Kevin Burress  wrote:
>Now whether or not all of this power consumption is a coverup for the
>quantum capibilities of the NSA is a matter of speculation, but the
>fact of the matter is they are breaking encryption and they did spend
>$2 billion on a datacenter for that sole purpose.

And B Gates is known to spend millions in Africa. Because he is a
heterosexual male he must have a brothel and certainly has a brown skin
fetish. Sadly, medical research seems to be going in the same direction,
at least the popular magazine information.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Kevin Burress]

Okay, a little more grounded, about the Utah datacenter in 2012:

"The NSA project now aims to break the "exaflop barrier" by building a
supercomputer a hundred times faster than the fastest existing today, the
Japanese "K Computer." That code-breaking system is projected to use 200
megawatts of power, about as much as would power 200,000 homes."

https://www.forbes.com/sites/andygreenberg/2012/03/16/nsas-new-data-center-and-ultra-fast-supercomputer-aim-to-crack-worlds-strongest-crypto/#3d46c8f332e0

On Mon, May 28, 2018 at 8:53 PM, grarpamp  wrote:

> https://www.zdnet.com/article/ibm-warns-of-instant-breaking-
> of-encryption-by-quantum-computers-move-your-data-today/
>
> https://csrc.nist.gov/projects/post-quantum-cryptography
> https://wikipedia.org/wiki/Post-quantum_cryptography
> http://www.etsi.org/news-events/news/947-2015-03-news-
> etsi-launches-quantum-safe-cryptography-specification-group
> http://www.pqcrypto.org/
> https://ianix.com/pqcrypto/pqcrypto-deployment.html
> https://pqcrypto.eu.org/
> https://media.ccc.de/v/32c3-7210-pqchacks
> https://github.com/zcash/zcash/issues/805
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Kevin Burress]

Now whether or not all of this power consumption is a coverup for the
quantum capibilities of the NSA is a matter of speculation, but the fact of
the matter is they are breaking encryption and they did spend $2 billion on
a datacenter for that sole purpose.

On Mon, May 28, 2018 at 11:04 PM, Kevin Burress 
wrote:

> Okay, a little more grounded, about the Utah datacenter in 2012:
>
> "The NSA project now aims to break the "exaflop barrier" by building a
> supercomputer a hundred times faster than the fastest existing today, the
> Japanese "K Computer." That code-breaking system is projected to use 200
> megawatts of power, about as much as would power 200,000 homes."
>
> https://www.forbes.com/sites/andygreenberg/2012/03/16/nsas-
> new-data-center-and-ultra-fast-supercomputer-aim-to-
> crack-worlds-strongest-crypto/#3d46c8f332e0
>
> On Mon, May 28, 2018 at 8:53 PM, grarpamp  wrote:
>
>> https://www.zdnet.com/article/ibm-warns-of-instant-breaking-
>> of-encryption-by-quantum-computers-move-your-data-today/
>>
>> https://csrc.nist.gov/projects/post-quantum-cryptography
>> https://wikipedia.org/wiki/Post-quantum_cryptography
>> http://www.etsi.org/news-events/news/947-2015-03-news-etsi-
>> launches-quantum-safe-cryptography-specification-group
>> http://www.pqcrypto.org/
>> https://ianix.com/pqcrypto/pqcrypto-deployment.html
>> https://pqcrypto.eu.org/
>> https://media.ccc.de/v/32c3-7210-pqchacks
>> https://github.com/zcash/zcash/issues/805
>> --
>> tor-talk mailing list - tor-talk@lists.torproject.org
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[grarpamp]

https://www.zdnet.com/article/ibm-warns-of-instant-breaking-of-encryption-by-quantum-computers-move-your-data-today/

https://csrc.nist.gov/projects/post-quantum-cryptography
https://wikipedia.org/wiki/Post-quantum_cryptography
http://www.etsi.org/news-events/news/947-2015-03-news-etsi-launches-quantum-safe-cryptography-specification-group
http://www.pqcrypto.org/
https://ianix.com/pqcrypto/pqcrypto-deployment.html
https://pqcrypto.eu.org/
https://media.ccc.de/v/32c3-7210-pqchacks
https://github.com/zcash/zcash/issues/805
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[s7r]

Kevin Burress wrote:
> 
> We know that ecdsa is weak against a quantum computer, as well as rsa. The
> only evidence I can provide is publicly available:
> https://cointelegraph.com/news/nsa-will-not-use-quantum-computers-to-crack-bitcoin-antonopoulos
> 

Well, with all due respect, Andreas Antonopoulos point of view and
personal opinion cannot be counted as evidence. cointelegraph.com uses
to quote twitter people and technology activists and stuff like this,
but when I say evidence I am thinking of technical or academical papers
describing and proving it exactly. This website is nothing like that.

In this article:
“...Do they use that to break Bitcoin? The simple answer is ‘no.’”

Hmm. Okay. Sounds like a real oracle. So we should just take that quote
and nail it to our bedroom wall and stare at it every day. But this is
worth 0 honestly.

The problem is that if the NSA could break it, so could others that have
enough incentive. Bitcoin price could be an incentive to many less
transparent governments that have funds for research and do not need to
publicly state what they are doing. So I am guessing that if it could be
done, we would see its effect.

> The NSA stating they could break crypto with their current tools
> (specifically the weak ecdsa used for wallets) and that they won't and use
> the tools for "other things" which immediately makes me think of Tor.
> 

Where did they state this exactly publicly and officially? I am just
asking, they could have stated it but I am just not aware of it and
would like to see if possible. I mean they stating it, not someone
saying hey it's me, and I know for sure the NSA can break current crypto.

> The only other evidence I can submit as a need to upgrade encryption in
> general is the government issued that they will no longer use key lengths
> below 3k rsa, and require at least 4096 for top secret information.
> 

Right. Agreed. Encryption should always be upgraded to a point that is
considered sufficient for the forseeable future. Requiring at least rsa
4096 for top secret information means that people are taking extra
security measures and raising standards, which is very very good.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Kevin Burress]

S7r I generally agree with you there. There is no evidence that it has been
broken. Thus we can only go by what these agencies are saying or hinting
about their capabilities. I certainly don't think that in this case it is
required and must negotiate with post quantum cryptography, only that as a
feature a client may require that for all of their tunnels unless it is
found to be flawed.


We know that ecdsa is weak against a quantum computer, as well as rsa. The
only evidence I can provide is publicly available:
https://cointelegraph.com/news/nsa-will-not-use-quantum-computers-to-crack-bitcoin-antonopoulos

The NSA stating they could break crypto with their current tools
(specifically the weak ecdsa used for wallets) and that they won't and use
the tools for "other things" which immediately makes me think of Tor.

The only other evidence I can submit as a need to upgrade encryption in
general is the government issued that they will no longer use key lengths
below 3k rsa, and require at least 4096 for top secret information.



On Mon, May 28, 2018, 11:48 AM s7r  wrote:

> Lodewijk andré de la porte wrote:
> > RSA/ECDSA are both screwed.
> >
> > SPHINCS seems good.
> >
> > Post quantum asymcrypt doesn't seem generally ready yet, but hashes work.
> >
>
> You claim this based upon what evidence? Do you have any technical
> document or citation in order to sustain your claim? I am not talking
> about something you read on an anonymous blog here. Also, which RSA?
> There is limited evidence that RSA 1024 might not be sufficient with
> current existing computing power (not even evidence, more like an
> assumption), but RSA 2048 / 4096 should be sufficient. Even  for RSA
> 1024 you might need to be a real threat in order to be worth the
> resources to be spent on you.
>
> There is no evidence of ECDSA and ECDH being screwed (regardless of the
> curve used, NIST ones, cv25519, secp256k1, etc.).
>
> I understand that some might be inclined to think that everything is
> screwed, and that the NSA/CIA have the power to do anything, but there
> is no evidence to sustain such a claim. To be frank, I am very happy to
> have people like this in the community because problems might get fixed
> even before they become real problems.
>
> Everyone who correctly used encryption tools with up to date recommended
> standards were safe, the cases where it failed relied purely on human
> error, social engineering or other kind of side channel attacks. If I am
> able to spy on the passphrase of your private key (or if you have a weak
> dictionary passphrase that I can break with brute force in like 1 year)
> this does not mean I have the power to break the algorithm of your
> encryption key (RSA, ECC). Unfortunately way too many people use small,
> easy to remember passphrases (even related to their names, dates of
> birth, spouse names, pet names, etc.). A good brute force tool will take
> for example 2 years to break a relatively simple passphrase, but if fed
> with hints (names, dobs, friends, pets, places) that can be narrowed
> down exponentially to 2 months.
>
> Let's keep this discussion productive. Tor _needs_ post quantum
> resistant crypto as a _feature_, so that current traffic if captured and
> stored cannot be decrypted within reasonable time in the future. The
> time frame is variable an dependent on each case and threat model, but
> let's say like one or two decades. So, this is just an extra security
> measure Tor takes as the number one privacy tool, one that can be relied
> on.
>
> There is no evidence that quantum computers will be strong enough in 5
> or 10 years to break the current NON QUANTUM RESISTANT crypto used. At
> current moment quantum computers barely can do a square root of a two
> digit number. Also, I think it's safe to assume this type of threat is
> irrelevant if the current crypto in Tor might be broken in 100 years
> from now, because even if the subject is still alive at that moment, it
> might not matter at all.
>
> Taking the discussion just a little further, quantum computers face a
> physics problems related to time and space. A proven physics assumption
> tells us that something can only be in one place/position at a time.
> Like bits in normal computers nowadays, that can be either 0 either 1.
> Qbits have to be both at the same time. So, being a true lover of
> technology and believer, I am not stating it's impossible and it will
> never happen, but it is surely not knocking on our doors, from my opinion.
>
> Before experts struggle to answer this one, let us be productive and
> work on the proposals Nick quoted in a previous email to this thread, so
> we eliminate risk and don't have to worry if / when this becomes reality.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe 

Re: [tor-talk] Post Quantum Tor

[Lodewijk andré de la porte]

RSA/ECDSA are both screwed.

SPHINCS seems good.

Post quantum asymcrypt doesn't seem generally ready yet, but hashes work.

2018-05-26 9:04 GMT+02:00 Jacki M :

> Here is the parent trac ticket for PQ 
> https://trac.torproject.org/projects/tor/ticket/24985
> 
>
> > On May 25, 2018, at 10:39 PM, Kevin Burress 
> wrote:
> >
> > Hi,
> >
> > I was just wondering since the NSA has quantum computers that can break
> > ECDSA (As they have stated they could break bitcoin in an interview, and
> > telecomix unlocked Cameron's hard drive.) When is Tor going to be
> upgraded
> > to post quantum?
> >
> > Can we at least hack together an interleaving of RSA and ECDSA with some
> > secure number of rounds in the interim?
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Kevin Burress]

honestly, ideally it would be a lot easier to do things with tor if it
actually internally followed the unix philosophy and the layers of service
could be used as a part of the linux system and modular use of the parts. I
was just looking at BGP routing over tor. I'm not sure how to do that with
the current implementation over hidden service. I'm having a hard time
working out how to use it as layer 2 and encapsulate things over the
network from one hidden service to another. But i also understand the whole
system is not well funded. I'm glad it has progressed as far as it has
since I had first looked at all of the various deepwebs in 2007. At least
we no longer have to set up privoxy and worry about dns leakage.

On Sun, May 27, 2018 at 3:20 PM, Nick Mathewson 
wrote:

> For current work on postquantum handshake support in Tor, see
> proposals 263, 269, 270, and ticket #24985.
>
> A digression:
>
> Personally, I don't agree that the evidence is so convincing about the
> NSA being able to break 256-bit ECDSA today: if they have it, then
> they'd treat it as a big secret, and not go around cagily implying
> that they had it.  When they brag publicly about their capabilities,
> they're usually not doing so on order to advertise secret advances
> that the world doesn't know about.
>
> Of course, by the same argument, we don't have much evidence that
> there *aren't* scalable quantum computers today.  If somebody has one,
> it makes sense that they would be keeping quiet about it.
>
> And even if there aren't large-scale quantum computers today, we need
> to keep in mind that any future such quantum computer would be able to
> decrypt today's traffic.
>
> So I think the sensible thing to do is to be cautious, and work under
> the assumption that we'll need to move our key exchange to a PQ
> handshake, according to something like the proposals above.
>
> cheers,
> --
> Nick
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Nick Mathewson]

For current work on postquantum handshake support in Tor, see
proposals 263, 269, 270, and ticket #24985.

A digression:

Personally, I don't agree that the evidence is so convincing about the
NSA being able to break 256-bit ECDSA today: if they have it, then
they'd treat it as a big secret, and not go around cagily implying
that they had it.  When they brag publicly about their capabilities,
they're usually not doing so on order to advertise secret advances
that the world doesn't know about.

Of course, by the same argument, we don't have much evidence that
there *aren't* scalable quantum computers today.  If somebody has one,
it makes sense that they would be keeping quiet about it.

And even if there aren't large-scale quantum computers today, we need
to keep in mind that any future such quantum computer would be able to
decrypt today's traffic.

So I think the sensible thing to do is to be cautious, and work under
the assumption that we'll need to move our key exchange to a PQ
handshake, according to something like the proposals above.

cheers,
-- 
Nick
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Kevin]

This is worth looking at and I'd fully support such a project.



On 5/26/2018 1:39 AM, Kevin Burress wrote:

Hi,

I was just wondering since the NSA has quantum computers that can break
ECDSA (As they have stated they could break bitcoin in an interview, and
telecomix unlocked Cameron's hard drive.) When is Tor going to be upgraded
to post quantum?

Can we at least hack together an interleaving of RSA and ECDSA with some
secure number of rounds in the interim?



---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Jacki M]

Here is the parent trac ticket for PQ 
https://trac.torproject.org/projects/tor/ticket/24985 


> On May 25, 2018, at 10:39 PM, Kevin Burress  wrote:
> 
> Hi,
> 
> I was just wondering since the NSA has quantum computers that can break
> ECDSA (As they have stated they could break bitcoin in an interview, and
> telecomix unlocked Cameron's hard drive.) When is Tor going to be upgraded
> to post quantum?
> 
> Can we at least hack together an interleaving of RSA and ECDSA with some
> secure number of rounds in the interim?
> -- 
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[flipchan]

I think someone wanted to implement supersingular isogeny(misspelled i guess ?) 
diffie hellman but then someone pointed out that it had some flads, i guess 
what we could do is update to curve 448 , i think dont think  they can break 
all kinds of ec doe , and ofc Curve25519 got a big target on its head. I would 
wait for the crypto ppl to wake up and answer this.

On May 26, 2018 5:39:41 AM UTC, Kevin Burress  wrote:
>Hi,
>
>I was just wondering since the NSA has quantum computers that can break
>ECDSA (As they have stated they could break bitcoin in an interview,
>and
>telecomix unlocked Cameron's hard drive.) When is Tor going to be
>upgraded
>to post quantum?
>
>Can we at least hack together an interleaving of RSA and ECDSA with
>some
>secure number of rounds in the interim?
>-- 
>tor-talk mailing list - tor-talk@lists.torproject.org
>To unsubscribe or change other settings go to
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
Take Care Sincerely flipchan layerprox dev
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Post Quantum Tor

[Matthew Kaufman]

This is what I've been wondering as well :) (and with Bitcoin)

On Sat, May 26, 2018 at 12:39 AM, Kevin Burress 
wrote:

> Hi,
>
> I was just wondering since the NSA has quantum computers that can break
> ECDSA (As they have stated they could break bitcoin in an interview, and
> telecomix unlocked Cameron's hard drive.) When is Tor going to be upgraded
> to post quantum?
>
> Can we at least hack together an interleaving of RSA and ECDSA with some
> secure number of rounds in the interim?
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk