Re: QC resistant algorithms?
> This is sort of what I'd gathered from the brief reading I've done
> about the situation. I'm sure there's a lot of research going on in
> the area and I certainly hope "we beat them to it".

If I remember correctly, we definitely already have -- a while ago I saw some paper claiming to be a proof that McEliece was NP-HARD. If that's true, I'm willing to say McEliece is QC-immune, because a QC attack on an NP-HARD problem is currently pretty much unimaginable.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: QC resistant algorithms?
> Long story short, there exist algorithms that are hypothesised to be
> QC-resistant, though as far as I know nothing is proven in that
> respect.

The one-time pad is proven QC resistant. With respect to hypothesis, remember that *none* of the ciphers in OpenPGP are proven to be resistant against even classical computers, and we won't until there's a solid proof that P != NP. QC-resistant algorithms are in much the same state: a formal proof that an algorithm was QC-resistant would be breathtaking and shocking, and possibly on the level of a P != NP proof.

> Those that do exist, there's still a substantial possibility
> that they'll be broken.

Some. Others look quite solid -- e.g., Lamport signatures.
Re: QC resistant algorithms?
On 12/16/2015 2:14 PM, Lachlan Gunn wrote:
> Long story short, there exist algorithms that are hypothesised to
> be QC-resistant, though as far as I know nothing is proven in that
> respect. Those that do exist, there's still a substantial
> possibility that they'll be broken. Key and signature sizes are
> generally large, kilobytes to megabytes.
>
> Certainly nothing is standardised, let alone being ready to go into
> OpenPGP.
>
> This is all outside of my area, so someone please correct me if I'm
> way off.

This is sort of what I'd gathered from the brief reading I've done about the situation. I'm sure there's a lot of research going on in the area and I certainly hope "we beat them to it".
Re: QC resistant algorithms?
On Wednesday 16 December 2015 13:41:00 Anthony Papillion wrote:
> While I know it's not a big concern at the moment, we are well on the
> way to a future that includes quantum computing. While some in the
> computer science and crypto fields say we won't see a crypto breaking
> quantum computer for another 30+ years, others are putting it closer
> to 10 and even 5-6.
>
> Regardless of what the actual timeframe is, I'm wondering what work is
> being done in GnuPG to implement QC resistant asymmetric algorithms?
> Perhaps a better question, and I have done very little research into
> this specifically I admit, /are/ there any QC resistant asymmetric
> algorithms to implement or will we need to come up with something
> completely different?

Yes. You might want to continue your research at https://en.wikipedia.org/wiki/Post-quantum_cryptography

Regards,
Ingo
Re: QC resistant algorithms?
Long story short, there exist algorithms that are hypothesised to be QC-resistant, though as far as I know nothing is proven in that respect. Those that do exist, there's still a substantial possibility that they'll be broken. Key and signature sizes are generally large, kilobytes to megabytes.

Certainly nothing is standardised, let alone being ready to go into OpenPGP.

This is all outside of my area, so someone please correct me if I'm way off.

Thanks,
Lachlan
QC resistant algorithms?
While I know it's not a big concern at the moment, we are well on the way to a future that includes quantum computing. While some in the computer science and crypto fields say we won't see a crypto breaking quantum computer for another 30+ years, others are putting it closer to 10 and even 5-6.

Regardless of what the actual timeframe is, I'm wondering what work is being done in GnuPG to implement QC resistant asymmetric algorithms? Perhaps a better question, and I have done very little research into this specifically I admit, /are/ there any QC resistant asymmetric algorithms to implement or will we need to come up with something completely different?

Anthony

--
Phone: 1.845.666.1114
Skype: cajuntechie
PGP Key: 0x028ADF7453B04B15
Fingerprint: C5CE E687 DDC2 D12B 9063 56EA 028A DF74 53B0 4B15