Date: Fri, 22 Jan 2016 11:57:42 -0500
From: Steve Grubb <sgrubb@...hat.com>
To: oss-security@...ts.openwall.com
Cc: Andrew Gallagher <andrewg@...rewg.com>
Subject: Re: Re: Prime example of a can of worms

On Thursday, January 21, 2016 06:43:16 PM Andrew Gallagher wrote:
> On Thu, 21 Jan 2016 10:15:55 -0500 Steve Grubb wrote:
> > Hallway discussions mentioned that ECC is dead due to trust issues
> > and fuzzy IP issues which slowed vendor uptake. There was a mention
> > of RSA officially being allowed to go to 16k key sizes.
>
> Was there any mention of the relative ease of quantum attacks against
> ECC compared to classically-equivalent RSA?

Yes. At one time ECC looked good because it offered comparable strength with
fewer operations so it was faster in the age of slower CPUs. Now, the threat
has changed and people are looking over the not too distant future at how best
to provide some resistance in the face of a very different landscape. Things
that are computationally expensive start looking better. The slide on page 9
kind of shows the concern. The leftover part of rectangle X not covered by
rectangle Z means spilled secrets.

To my mind, one of the things that we as an open source community need to
think hard about is how we are going to protect data in the Quantum computing
age. If many of the new QR algorithms get patented, where does that leave us?
It's kinda like ECC all over again except this time the consequences are much
more dire because there may not be any IP unencumbered algorithm to jump to. I
certainly hope that won't be the case.

-Steve

> That was suggested on a couple of discussion groups as a possible
> motivation for the newly rekindled RSA love.
>
> http://arxiv.org/abs/quant-ph/0301141