Re: A promotional idea (related to quantum computing / hacking)
> I don't think OpenBSD wants to "profile itself" as anything.

Really? "Our efforts emphasize portability, standardization, correctness, proactive security and integrated cryptography." Don't you think the above statement signifies profiling?

IMHO, proactive security could very well include the idea of implementing post-quantum cryptography, in order to make the OS immune to the quantum computing era we're soon about to enter.

> Are post-quantum algorithms well reviewed and stable enough to be worth
> using as defaults for OpenBSD full disk encryption, OpenSSH,
> LibreSSL...?

Did you read the Wikipedia article I linked in my original e-mail?

"In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers.[2][7] While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks.[8] Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography."

In other words, since Grover's algorithm (https://en.wikipedia.org/wiki/Grover%27s_algorithm) mostly affects asymmetric cryptography, in many areas the only change / enhancement needed is to use long enough encryption keys. This would apply to, for example, OpenBSD hard drive encryption.

> Do you or anyone else have the expertise to implement them?

Yes, I have: by simply choosing to use longer keys than before in symmetric cryptography.

It seems to me you assume post-quantum cryptography means jumping to using some new, fringe algorithms. As explained in the Wikipedia article, that is not the case, at least when it comes to symmetric encryption.

And when it comes to asymmetric algorithms used, for example, by TLS, even there many people and some rather influential organizations are already working to find solutions -- for example:

"Initially, NIST selected 82 candidates for further consideration from all submitted algorithms. At the beginning of 2019, this process entered its second stage. Today, there are 26 algorithms still in contention"
https://blog.cloudflare.com/towards-post-quantum-cryptography-in-tls/

"The Transport Layer Security (TLS) protocol is one of the most widely-used security protocols in use today; it protects the information exchanged between web clients and servers all around the world. TLS is secure against today's classical computers, however as its security relies in part on asymmetric cryptography, TLS is unfortunately vulnerable to attacks in the future from quantum computers."
https://www.microsoft.com/en-us/research/project/post-quantum-tls/

Use Google.
https://scholar.google.com.ph/scholar?hl=en=post+quantum+cryptography+algorithms

-j.

--
+358-404-177133 (WhatsApp)
jyri.hov...@turvamies.fi
Re: A promotional idea (related to quantum computing / hacking)
On Sat, Oct 26, 2019 at 12:29:41PM +0200, Peter J. Philipp wrote:
> On 2019-10-26 12:03, Frank Beuth wrote:
> > On Sat, Oct 26, 2019 at 02:53:42PM +0800, Jyri Hovila [Turvamies.fi]
> > wrote:
> > > Maybe OpenBSD could profile itself as *the* OS with all crypto
> > > related stuff is handled using post-quantum cryptography?
> >
> > I don't think OpenBSD wants to "profile itself" as anything.
> >
> > Are post-quantum algorithms well reviewed and stable enough to be worth
> > using as defaults for OpenBSD full disk encryption, OpenSSH,
> > LibreSSL...?
> >
> > Do you or anyone else have the expertise to implement them?
>
> In no way I'm an authority on the subject. I have been interested by this
> though and have bought two books on post-quantum cryptography (one is not
> delivered yet, it will be published in November). The one book written by
> DJB has a table on page 16 which I'd like to share:
>
> RSA->broken, Diffie-Hellman->broken, Elliptic curve->broken,
> Buchmann-Williams->broken, Algebraic Homomorphic->broken by quantum systems
>
> This leaves McEliece public key, NTRU public key and Lattice based public
> keys as unbroken by quantum systems.
>
> All in theory as this book was written in 2010. I'm opening my eyes though
> to the quantum threat.
>
> The unbroken systems may have behaviour much different from RSA (as an
> example) and the OpenSSH code would perhaps need huge refactoring in
> protocol exchange than before.
>
> Maybe someone should be sponsored to do the grunt work with some of the
> donation money that OpenBSD is showered with, or maybe someone will do it
> for free. Good luck to all the programmers involved! One day it will have
> to be done, let's hope before the break-ins to important hosts.

I see a whole lot of assumptions here.

First, mathematicians have recently solved with "ordinary" computers one of the "only a quantum computer can solve" proposed computations. Perhaps they will keep solving such problems as more mathematical theories develop. The ideas behind quantum computing itself may serve as inspirations.

Second, that we will actually be able to get an actual functioning quantum computer that works. So far the need to deal with errors is a major obstacle. Even this may prove to be an unsolvable downfall. We keep discovering new physics. Maybe this is a dead end idea? Too much vinegar and not enough honey to catch the flies?

Third, that such a computer proves far too expensive to actually build at a usable level. A 300 trillion dollar unit. Who would fork over that much?

Fourth, that perhaps we may find ways to vastly empower regular computers far beyond today's level. A quantum computer itself may become seen as a waste of time and never leave the laboratories.

Science, math, physics, etc. are an always moving target. I have a hunch that things are not going to end up where we are guessing they will. We have "phasers", we don't have transporters. We do have the Internet. Nobody saw that one coming except as a vague sorta weak idea.

For now, no hardware = no software = no developers. Tomorrow, who knows? Could be pretty cool.

Today, genuine work needs to get done. Please help.

Best regards,
Chris Bennett
Re: A promotional idea (related to quantum computing / hacking)
On 2019-10-26 12:03, Frank Beuth wrote:
> On Sat, Oct 26, 2019 at 02:53:42PM +0800, Jyri Hovila [Turvamies.fi] wrote:
> > Maybe OpenBSD could profile itself as *the* OS with all crypto related stuff is handled using post-quantum cryptography?
>
> I don't think OpenBSD wants to "profile itself" as anything.
>
> Are post-quantum algorithms well reviewed and stable enough to be worth using as defaults for OpenBSD full disk encryption, OpenSSH, LibreSSL...?
>
> Do you or anyone else have the expertise to implement them?

In no way I'm an authority on the subject. I have been interested by this though and have bought two books on post-quantum cryptography (one is not delivered yet, it will be published in November). The one book written by DJB has a table on page 16 which I'd like to share:

RSA->broken, Diffie-Hellman->broken, Elliptic curve->broken, Buchmann-Williams->broken, Algebraic Homomorphic->broken by quantum systems

This leaves McEliece public key, NTRU public key and Lattice based public keys as unbroken by quantum systems.

All in theory as this book was written in 2010. I'm opening my eyes though to the quantum threat.

The unbroken systems may have behaviour much different from RSA (as an example) and the OpenSSH code would perhaps need huge refactoring in protocol exchange than before.

Maybe someone should be sponsored to do the grunt work with some of the donation money that OpenBSD is showered with, or maybe someone will do it for free. Good luck to all the programmers involved! One day it will have to be done, let's hope before the break-ins to important hosts.

Regards,
-peter
Re: A promotional idea (related to quantum computing / hacking)
On Sat, Oct 26, 2019 at 02:53:42PM +0800, Jyri Hovila [Turvamies.fi] wrote:
> Maybe OpenBSD could profile itself as *the* OS with all crypto related stuff is handled using post-quantum cryptography?

I don't think OpenBSD wants to "profile itself" as anything.

Are post-quantum algorithms well reviewed and stable enough to be worth using as defaults for OpenBSD full disk encryption, OpenSSH, LibreSSL...?

Do you or anyone else have the expertise to implement them?
A promotional idea (related to quantum computing / hacking)
Hi everyone!

The world is talking about Google's claimed break-through in quantum computing. Whether their achievement is real or not, the fact is that some day relatively soon "we" (starting from mega corporations and government agencies) will have a functional quantum computer in their hands.

Many are, for a good reason, worried about the near-future reliability of current encryption algorithms.

Maybe OpenBSD could profile itself as *the* OS with all crypto related stuff is handled using post-quantum cryptography?

https://en.wikipedia.org/wiki/Post-quantum_cryptography

-j.

--
+358-404-177133 (WhatsApp)
jyri.hov...@turvamies.fi