There are post-quantum public key cryptograph in Go ? or binds to Go? Thanks.
160 views
Skip to first unread message
Daniel Norte Moraes
Jun 7, 2019, 7:35:18 PM6/7/19
to golang-nuts
HI!
There are post-quantum public key cryptograph in Go ? or binds to Go?
My need is just keys creation, encryption and decryption.
Many Thanks in Advance!
Michael Jones
Jun 7, 2019, 8:23:19 PM6/7/19
to Daniel Norte Moraes, golang-nuts
Your question is maybe a decade premature. Post-quantum cryptography, as in, “now that quantum encryption is here and understood, we have tools to build public key mechanisms provably safe for 50+ years in this post-quantum environment,” is mostly a sentence from the future.
I have patents pending in related areas, have investments in a working satellite-based quantum entanglement key distribution and security service, and have had conversations with S&T leaders in a certain three letter agency — but even so, it still feels like baby steps into a vast and not yet understood frontier. Relatedly but different, I keep a database of numbers factored publicly by quantum computers and keep tabs on the subject...as of today, even the biggest of these are numbers Fermat could have done by hand.
So, it will be interesting to see what kind of answers you get to your question. If anyone has a solid, “yes I know just what to do” then bravo! the world will beat a path to their door. (Beat here is in the metaphorical sense of “blaze a trail through the jungle to reach you” as well as the ominous “beat the answer out of you in the name of national security” sense.)
--
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/40279401-f23c-4960-a46a-95a0c6732049%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Michael T. Jones
michae...@gmail.com
michae...@gmail.com
Marcin Romaszewicz
Jun 8, 2019, 2:37:54 AM6/8/19
to Michael Jones, Daniel Norte Moraes, golang-nuts
The NIST publishes some recommendations for applied cryptography, and they've amended their recommendations recently away from some quantum-weak algorithms. Here's a good starting point for reading.
Your biggest cryptography problems for the next decade or two will be how to actually properly apply cryptography. The algorithms aren't your weak point, operational security around them is the weak point. I spent the last few years in this domain.
No mainstream cyphers are currently quantum resistant, but there is work with elliptic curves which looks promising. Put another way, Shor's and Grover's algorithms break all mainstream public key cryptography, however, lots of symmetric algorithms are not currently known to be quantum weak, but the difficulty is now key exchange (swapping USB sticks under a bridge is quantum resistant :) ). Also, I wrote that carefully - "not known" to be quantum weak, meaning that we don't know if an algorithm exists yet which could break it, but it could in the future. The super short version: use AES 256 and you'll be fine for a long time. Be careful with how you exchange keys.
-- Marcin
Your biggest cryptography problems for the next decade or two will be how to actually properly apply cryptography. The algorithms aren't your weak point, operational security around them is the weak point. I spent the last few years in this domain.
No mainstream cyphers are currently quantum resistant, but there is work with elliptic curves which looks promising. Put another way, Shor's and Grover's algorithms break all mainstream public key cryptography, however, lots of symmetric algorithms are not currently known to be quantum weak, but the difficulty is now key exchange (swapping USB sticks under a bridge is quantum resistant :) ). Also, I wrote that carefully - "not known" to be quantum weak, meaning that we don't know if an algorithm exists yet which could break it, but it could in the future. The super short version: use AES 256 and you'll be fine for a long time. Be careful with how you exchange keys.
-- Marcin
To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CALoEmQw2iRK8%2BjKMstM%3DvU7CGA27LMt11tYu_pa%2BPohSc2VK%3Dg%40mail.gmail.com.
Daniel Norte Moraes
Jun 8, 2019, 1:16:59 PM6/8/19
to golang-nuts
Nist have a second round for list post-quantum resistent cryptos, if someone dont't have a new one, a bind in go for this list is Wellcome. :-)
Em sexta-feira, 7 de junho de 2019 21:23:19 UTC-3, Michael Jones escreveu:
Your question is maybe a decade premature. Post-quantum cryptography, as in, “now that quantum encryption is here and understood, we have tools to build public key mechanisms provably safe for 50+ years in this post-quantum environment,” is mostly a sentence from the future.I have patents pending in related areas, have investments in a working satellite-based quantum entanglement key distribution and security service, and have had conversations with S&T leaders in a certain three letter agency — but even so, it still feels like baby steps into a vast and not yet understood frontier. Relatedly but different, I keep a database of numbers factored publicly by quantum computers and keep tabs on the subject...as of today, even the biggest of these are numbers Fermat could have done by hand.So, it will be interesting to see what kind of answers you get to your question. If anyone has a solid, “yes I know just what to do” then bravo! the world will beat a path to their door. (Beat here is in the metaphorical sense of “blaze a trail through the jungle to reach you” as well as the ominous “beat the answer out of you in the name of national security” sense.)
On Fri, Jun 7, 2019 at 4:35 PM Daniel Norte Moraes <daniel...@gmail.com> wrote:
HI!There are post-quantum public key cryptograph in Go ? or binds to Go?My need is just keys creation, encryption and decryption.Many Thanks in Advance!--
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golan...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/40279401-f23c-4960-a46a-95a0c6732049%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Daniel Norte Moraes
Jun 8, 2019, 1:21:25 PM6/8/19
to golang-nuts
Hi! the aes256-ctr is secure iff the exchange of keys is secure. the exchange keys need use a post-quantum algorithm for this,
that in turn return to need for a post-quantum crypto. The nist list is a good list to find someone bind or pure go version. :-)
Thanks! :-)
Em sábado, 8 de junho de 2019 03:37:54 UTC-3, Marcin Romaszewicz escreveu:
The NIST publishes some recommendations for applied cryptography, and they've amended their recommendations recently away from some quantum-weak algorithms. Here's a good starting point for reading.
Your biggest cryptography problems for the next decade or two will be how to actually properly apply cryptography. The algorithms aren't your weak point, operational security around them is the weak point. I spent the last few years in this domain.
No mainstream cyphers are currently quantum resistant, but there is work with elliptic curves which looks promising. Put another way, Shor's and Grover's algorithms break all mainstream public key cryptography, however, lots of symmetric algorithms are not currently known to be quantum weak, but the difficulty is now key exchange (swapping USB sticks under a bridge is quantum resistant :) ). Also, I wrote that carefully - "not known" to be quantum weak, meaning that we don't know if an algorithm exists yet which could break it, but it could in the future. The super short version: use AES 256 and you'll be fine for a long time. Be careful with how you exchange keys.
-- Marcin
On Fri, Jun 7, 2019 at 5:23 PM Michael Jones <michae...@gmail.com> wrote:
Your question is maybe a decade premature. Post-quantum cryptography, as in, “now that quantum encryption is here and understood, we have tools to build public key mechanisms provably safe for 50+ years in this post-quantum environment,” is mostly a sentence from the future.I have patents pending in related areas, have investments in a working satellite-based quantum entanglement key distribution and security service, and have had conversations with S&T leaders in a certain three letter agency — but even so, it still feels like baby steps into a vast and not yet understood frontier. Relatedly but different, I keep a database of numbers factored publicly by quantum computers and keep tabs on the subject...as of today, even the biggest of these are numbers Fermat could have done by hand.So, it will be interesting to see what kind of answers you get to your question. If anyone has a solid, “yes I know just what to do” then bravo! the world will beat a path to their door. (Beat here is in the metaphorical sense of “blaze a trail through the jungle to reach you” as well as the ominous “beat the answer out of you in the name of national security” sense.)
On Fri, Jun 7, 2019 at 4:35 PM Daniel Norte Moraes <daniel...@gmail.com> wrote:
HI!There are post-quantum public key cryptograph in Go ? or binds to Go?My need is just keys creation, encryption and decryption.Many Thanks in Advance!--
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golan...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/40279401-f23c-4960-a46a-95a0c6732049%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
----Michael T. Jones
michae...@gmail.com
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golan...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages