Re: [cryptography] Do quantum attacks/algos also lead to compromise of PFS?

2015-01-24 Thread Natanael
On 24 Jan 2015 22:06, Greg g...@kinostudios.com wrote:

> So, I understand that QM algos can pretty much dismantle all popular
> asymmetric encryption algos with enough q-bits, but I haven't thought hard
> enough to see if they also can be used to compromise communications that
> used DH to do PFS underneath the initial handshake.
>
> Side question: is this the right list to ask this on, or are there other
> ones I should try? (Is CFRG appropriate? Metzdowd is annoying with its long
> moderation times...)

Key exchange like DH simplifies PFS but isn't strictly necessary. A
mechanism with temporary public keys where your main keys only sign the
temporary keys, and the temporary keys are used for exchange of nonces to
generate session keys (there are presumed quantum secure public key
algorithms!), would be sufficient as well if you delete the temporary
public keys the way DH secrets in regular PFS key exchanges are deleted
afterwards.

There are many hash based signature algorithms, and other types of public
key algorithms like lattice based and many others.
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
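
Added example, not part of the original thread or any poster's code: a minimal Lamport one-time signature, one of the hash-based signature schemes the message above alludes to, used the way the message describes, with the main key only signing a temporary public key. The temporary key bytes are a constructed placeholder, and a Lamport key can safely sign only one message, so a real long-term identity would need a many-time hash-based scheme.

```python
import hashlib
import secrets

BITS = 256  # one secret pair per bit of the SHA-256 digest of the message


def H(data):
    return hashlib.sha256(data).digest()


def keygen():
    """Lamport one-time key: 256 pairs of random secrets; public key = their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def _bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> (BITS - 1 - i)) & 1 for i in range(BITS)]


def sign(sk, msg):
    """Reveal one secret from each pair, selected by the matching digest bit."""
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]


def verify(pk, msg, sig):
    if len(sig) != BITS:
        return False
    ok = True
    for i, bit in enumerate(_bits(msg)):
        ok &= secrets.compare_digest(H(sig[i]), pk[i][bit])
    return ok


def demo():
    main_sk, main_pk = keygen()
    # Constructed stand-in for a temporary public key of some encryption scheme.
    temp_pub = b"constructed-temporary-public-key-0001"
    sig = sign(main_sk, temp_pub)
    del main_sk  # one-time key: it must never sign a second message
    genuine = verify(main_pk, temp_pub, sig)
    swapped = verify(main_pk, b"constructed-different-temporary-key", sig)
    return genuine, swapped
```
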


Re: [cryptography] Do quantum attacks/algos also lead to compromise of PFS?

2015-01-24 Thread Greg
Thanks Natanael!

What I'm gathering from here and [messaging] is that yes, OTR doesn't seem
to be future-secure, and PFS isn't perfect (with the way it's usually
implemented today), *but* there do seem to be possible solutions to this
problem, if we can trust what the math/physics folks are saying.

-g

--
Please do not email me anything that you are not comfortable also sharing with 
the NSA.

On Jan 24, 2015, at 1:13 PM, Natanael natanae...@gmail.com wrote:

 
> On 24 Jan 2015 22:06, Greg g...@kinostudios.com wrote:
>
>> So, I understand that QM algos can pretty much dismantle all popular
>> asymmetric encryption algos with enough q-bits, but I haven't thought hard
>> enough to see if they also can be used to compromise communications that
>> used DH to do PFS underneath the initial handshake.
>>
>> Side question: is this the right list to ask this on, or are there other
>> ones I should try? (Is CFRG appropriate? Metzdowd is annoying with its long
>> moderation times...)
>
> Key exchange like DH simplifies PFS but isn't strictly necessary. A mechanism
> with temporary public keys where your main keys only sign the temporary keys,
> and the temporary keys are used for exchange of nonces to generate session
> keys (there are presumed quantum secure public key algorithms!), would be
> sufficient as well if you delete the temporary public keys the way DH secrets
> in regular PFS key exchanges are deleted afterwards.
>
> There are many hash based signature algorithms, and other types of public key
> algorithms like lattice based and many others.


Re: [cryptography] Do quantum attacks/algos also lead to compromise of PFS?

2015-01-24 Thread Kevin

On 1/24/2015 3:56 PM, Greg wrote:
> So, I understand that QM algos can pretty much dismantle all popular
> asymmetric encryption algos with enough q-bits, but I haven't thought
> hard enough to see if they also can be used to compromise
> communications that used DH to do PFS underneath the initial handshake.
>
> Side question: is this the right list to ask this on, or are there
> other ones I should try? (Is CFRG appropriate? Metzdowd is annoying
> with its long moderation times...)
>
> Thanks,
> Greg
>
> --
> Please do not email me anything that you are not comfortable also
> sharing with the NSA.

I believe Grover's algorithm is the quickest at doing what you are
talking about.



--
Kevin


