Re: [openssl-users] Lattice Ciphers

2017-12-17 Thread Colony.three via openssl-users 
> - I find that Firefox refuses to do any ephemeral ciphers whatsoever.  What 
> the heck?  Why am I surprised.  Somebody paid them.
>
> I don’t know what server you are testing against, but FF does ECDHE all the 
> time with no problems.

I should have said, "I find that Firefox refuses to do any ephemeral ciphers 
whatsoever, which are not elliptic curve. (referring to DHE, EDH, et al)  What 
the heck?  Why am I surprised.  Somebody paid them.   Firefox insists on EC."

> - If you follow Schnieder, elliptic curve is not an option.
>
> That’s interesting, you have a reference for that?

Certainly.  Below.

> - I know you guys are severely underfunded, but is there any chance that 
> lattice encryption will be coming soon?  I've searched until my face turned 
> blue.
>
> We will most likely follow the IETF recommendation and see what the NIST 
> post-quantum work comes up with.  That’s my personal opinion, not necessarily 
> that of the whole time.

In August 2015, the NSA announced that it is planning to introduce a list of 
approved crypto methods that would resist quantum computers.  In April 2017, 
NIST naturally followed suit, starting a public vetting process which will last 
4 to 6 years.  Needless to say, I am hoping that there will be lattice 
open-source alternatives which are not based on NIST algos.  I do enterprise 
infosec, and if the NSA can do it, KGB probably has similar methods, not to 
mention Russian, Israeli, & Chinese haqxors, the Norks, corporate operations, 
and so on.  Any crypto weakening, whether through flaw or Intent, is the wrong 
thing.

G**gle's [Eric Schmidt 
says](https://en.wikipedia.org/wiki/Eric_Schmidt#Privacy), "If you have 
something that you don't want anyone to know, maybe you shouldn't be doing it 
in the first place.  This is a profoundly undemocratic attitude.  What would 
Thomas Paine, or Ben Franklin, or Patrick Henry say to this?

> On Sun, Dec 17, 2017 at 3:58 PM, Salz, Rich via openssl-users
>
> openssl-users@openssl.org wrote:
>
>>> If you follow Schnieder, elliptic curve is not an option.
>>
>> That’s interesting, you have a reference for that?
>>
>> I'm guessing OP's referring to "Applied Cryptography, 2nd Edition".
>> There was one page on elliptical curve cryptography, and it didn't
>> give any real information on what it was, what problem it uses (the
>> discrete logarithm problem), how it's used, or how DH is adapted to
>> use it. The book was pretty much entirely against software patents,
>> and because ECC had been freshly patented it seemed to be much more
>> scary about the topic than it should have been.

No:  
https://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
 ... and many more Schnier articles.  He puts out a monthly newsletter.

The NSA actually provided the elliptic curves for NIST's standards.  And the 
Snowden docs now show that those curves are related.

(Unfortunately Schnier's own website doesn't take his advice for some reason -- 
he's busy)

Also Apache is not actually enforcing server-ordering of ciphers BTW, but NginX 
does.

PS - does OpenSSL get funding from the DoD?-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Lattice Ciphers

2017-12-17 Thread Kyle Hamilton 
On Sun, Dec 17, 2017 at 3:58 PM, Salz, Rich via openssl-users
 wrote:

>> If you follow Schnieder, elliptic curve is not an option.
>
> That’s interesting, you have a reference for that?

I'm guessing OP's referring to "Applied Cryptography, 2nd Edition".
There was one page on elliptical curve cryptography, and it didn't
give any real information on what it was, what problem it uses (the
discrete logarithm problem), how it's used, or how DH is adapted to
use it.  The book was pretty much entirely against software patents,
and because ECC had been freshly patented it seemed to be much more
scary about the topic than it should have been.

-Kyle H
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Lattice Ciphers

2017-12-17 Thread Salz, Rich via openssl-users 
  *   I find that Firefox refuses to do any ephemeral ciphers whatsoever.  What 
the heck?  Why am I surprised.  Somebody paid them.

I don’t know what server you are testing against, but FF does ECDHE all the 
time with no problems.



  *   If you follow Schnieder, elliptic curve is not an option.

That’s interesting, you have a reference for that?



  *   I know you guys are severely underfunded, but is there any chance that 
lattice encryption will be coming soon?  I've searched until my face turned 
blue.

We will most likely follow the IETF recommendation and see what the NIST 
post-quantum work comes up with.  That’s my personal opinion, not necessarily 
that of the whole time.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Lattice Ciphers

2017-12-17 Thread Colony.three via openssl-users 
I find that Firefox refuses to do any ephemeral ciphers whatsoever.  What the 
heck?  Why am I surprised.  Somebody paid them.

If you follow Schnieder, elliptic curve is not an option.

I know you guys are severely underfunded, but is there any chance that lattice 
encryption will be coming soon?  I've searched until my face turned blue.-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users