Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <41532875.k1hQz0ZxHK@x2>
Date: Fri, 22 Jan 2016 11:57:42 -0500
From: Steve Grubb <sgrubb@...hat.com>
To: oss-security@...ts.openwall.com
Cc: Andrew Gallagher <andrewg@...rewg.com>
Subject: Re: Re: Prime example of a can of worms

On Thursday, January 21, 2016 06:43:16 PM Andrew Gallagher wrote:
> On Thu, 21 Jan 2016 10:15:55 -0500 Steve Grubb wrote:
> > Hallway discussions mentioned that ECC is dead due to trust issues
> > and fuzzy IP issues which slowed vendor uptake. There was a mention
> > of RSA officially being allowed to go to 16k key sizes.
> 
> Was there any mention of the relative ease of quantum attacks against
> ECC compared to classically-equivalent RSA? 

Yes. At one time ECC looked good because it offered comparable strength with 
fewer operations so it was faster in the age of slower CPUs. Now, the threat 
has changed and people are looking over the not too distant future at how best 
to provide some resistance in the face of a very different landscape. Things 
that are computationally expensive start looking better. The slide on page 9 
kind of shows the concern. The leftover part of rectangle X not covered by 
rectangle Z means spilled secrets.

To my mind, one of the things that we as an open source community need to 
think hard about is how we are going to protect data in the Quantum computing 
age. If many of the new QR algorithms get patented, where does that leave us? 
Its kinda like ECC all over again except this time the consequences are much 
more dire because there may not be any IP unencumbered algorithm to jump to. I 
certainly hope that won't be the case.

-Steve


> [1] That was suggested on a couple of discussion groups as a possible
> motivation for the newly rekindled RSA love.
> 
> [1] http://arxiv.org/abs/quant-ph/0301141

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.