Microsoft Adds Post-Quantum Cryptography To an OpenVPN Fork (bleepingcomputer.com)
An anonymous reader writes: Microsoft recently published an interesting open source project called "PQCrypto-VPN" that implements post-quantum cryptography (PQC) within OpenVPN. Being developed by the Microsoft Research Security and Cryptography group, as part of their research into post-quantum cryptography, this fork is being used to test PQC algorithms and their performance and functionality when used with VPNs.
Microsoft's PQCrypto-VPN is published on Github and allows anyone to build an OpenVPN implementation that can encrypt communications using three different post-quantum cryptography protocols, with more coming as they are developed. These protocols are: (1) Frodo: a key exchange protocol based on the learning with errors problem (2) SIKE: a key exchange protocol based on Supersingular Isogeny Diffie-Hellman and (3) Picnic: a signature algorithm using symmetric-key primitives and non-interactive zero-knowledge proofs.
Picnic is already broken. (Score:5, Funny)
Picnic might be secure from quantum computers.
But its basket structures are clearly vulnerable to bear based attacks where the attacker is mathematically proven to be smarter than average.
That's definitely a major boo-boo.
Microsoft? Security? Something doesn't seem quite right.
For me, security and Microsoft is not the issue. It's trust and Microsoft.
As in, "I trust Microsoft, as far as I can throw them."
Well, you can download the source code and examine it for back doors. I know not many will do this but it would be a huge breach of trust by Microsoft if anyone found anything like a back door. Because of this I believe it's far more likely that they created this tool to appease international customers and released it as an open source project to prove it.
Well, you can download the source code and examine it for back doors.
Well, google on "ken thompson compiler backdoor"
:-)
You can put some source code in that looks innocuous, but the compiler adds a backdoor when it sees that code:
In 1984 Ken Thompson was presented with the ACM Turing Award. Ken's acceptance speech Reflections On Trusting Trust (http://cm.bell-labs.com/who/ken/trust.html) describes a hack (in every sense), the most subversive ever perpetrated, nothing less than the root password of all evil.
Ken describes how he injected a virus into a compiler. Not only did his compiler know it was compiling the login function and inject a backdoor, but it also knew when it was compiling itself and injected the backdoor generator into the compiler it was creating. The source code for the compiler thereafter contains no evidence of either virus.
Hur hur - Micro$haft am I right?
Recall "... newsletter entry stated that NSA already had pre-encryption access to Outlook email"
MS likes to help with tricky new crypto. Help the NSA.
So where's the quantum hardware to making this all work?
I was confused by this point too, till I did some reading. "Post-quantum cryptography" is NOT the same thing as "Quantum cryptography". The former merely refers to cryptographic algorithms for which there are no known algorithms for quantum computers which can break them. So, RSA would not be considered post-quantum, because Shore's algorithm can break it.
All of our current asymmetric algorithms are vulnerable to Shor's (note spelling) algorithm, assuming a sufficiently-large quantum computer. Grover's algorithm can solve any problem that requires searching a solution space of size N in sqrt(N) time. The first means we need new asymmetric algorithms (public/private key algorithms, like RSA and ECC) that are quantum resistant. The second means that our symmetric algorithms and hashes (like AES and SHA-256) have effectively half the bits of security that we th
We need a lot of independent researchers opinion on that.
Everyone remember Dual EC DRBG [wikipedia.org]?
What a stupid, pandering, meaningless sound-bite.
It is not known that any current crypto is unbreakable by quantum computing.