[messaging] Do quantum attacks/algos also lead to compromise of PFS?
Hanno Böck
hanno at hboeck.de
Sun Jan 25 17:37:57 PST 2015
On Sat, 24 Jan 2015 23:02:50 -0800
Tao Effect <contact at taoeffect.com> wrote:
> Does SPHINCS also allow for encryption, or is it for generating
> secure signatures only?
SPHINCS is signatures only.

When you're looking for post-quantum encryption you may want to have a
look at ring learning with errors. It's one of the more practical pq
encryption schemes out there. There was a talk at RWC recently:
http://files.douglas.stebila.ca/files/research/presentations/20150108-RWC.pdf

And they even have some TLS cipher suites and code:
https://github.com/dstebila
https://github.com/dstebila/openssl-rlwekex

However it should be considered that they choose pre-quantum security
levels. That means their 128 bit security can not be compared to the
128 bit security of SPHINCS. It's only 64 bit post-quantum security
taking Grover's algorithm into account.

Also: Don't trust it too much. This is an area where the only safe
advice is: more research is needed to know what's secure.

cu,
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: BBB51E42