Last year, my position was that we still had time to design PQ authentication mechanisms.
-
Last year, my position was that we still had time to design PQ authentication mechanisms.
Now, based on the pace of progress and on statements like Google's, I believe:
1. we need to finish rolling out PQ key exchange yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or systemhttps://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
-
Last year, my position was that we still had time to design PQ authentication mechanisms.
Now, based on the pace of progress and on statements like Google's, I believe:
1. we need to finish rolling out PQ key exchange yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or systemhttps://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
@filippo I like their aggressive timeline, but I'm not sure there's any specific argument or reason that explains why it should be expedited. Am I missing something?
-
Last year, my position was that we still had time to design PQ authentication mechanisms.
Now, based on the pace of progress and on statements like Google's, I believe:
1. we need to finish rolling out PQ key exchange yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or systemhttps://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
@filippo Interesting, I just cam across https://infosec.exchange/@mttaggart/116163107290977793 the other day, basically saying that it won't be feasible any time soon.
-
@filippo I like their aggressive timeline, but I'm not sure there's any specific argument or reason that explains why it should be expedited. Am I missing something?
-
Last year, my position was that we still had time to design PQ authentication mechanisms.
Now, based on the pace of progress and on statements like Google's, I believe:
1. we need to finish rolling out PQ key exchange yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or systemhttps://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
@filippo You got me interested to know what it would look like in authorized_keys, and can it be this short! Looks neat.
ssh-mldsa44-ed25519 434f4d505349472d4d4c44534134342d456432353531392d534841353132
https://datatracker.ietf.org/doc/draft-sun-ssh-composite-sigs/02/
-
@filippo I like their aggressive timeline, but I'm not sure there's any specific argument or reason that explains why it should be expedited. Am I missing something?
Scott Aaronson writes:
"I’m going to close this post with a warning. When Frisch and Peierls wrote their now-famous memo in March 1940, estimating the mass of Uranium-235 that would be needed for a fission bomb, they didn’t publish it in a journal, but communicated the result through military channels only. As recently as February 1939, Frisch and Meitner had published in Nature their theoretical explanation of recent experiments, showing that the uranium nucleus could fission when bombarded by neutrons. But by 1940, Frisch and Peierls realized that the time for open publication of these matters had passed.
"Similarly, at some point, the people doing detailed estimates of how many physical qubits and gates it’ll take to break actually deployed cryptosystems using Shor’s algorithm are going to stop publishing those estimates, if for no other reason than the risk of giving too much information to adversaries. Indeed, for all we know, that point may have been passed already. This is the clearest warning that I can offer in public right now about the urgency of migrating to post-quantum cryptosystems, a process that I’m grateful is already underway."
-
Last year, my position was that we still had time to design PQ authentication mechanisms.
Now, based on the pace of progress and on statements like Google's, I believe:
1. we need to finish rolling out PQ key exchange yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or systemhttps://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
@filippo @cryptohagen are you following this?
-
R relay@relay.mycrowd.ca shared this topic
