[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnueval-security] [Richard Stallman] evaluating an encryption progr
From: |
Brandon Invergo |
Subject: |
Re: [gnueval-security] [Richard Stallman] evaluating an encryption program |
Date: |
Tue, 26 Nov 2013 00:17:04 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) |
Hi Christian,
Thanks for your input.
Could you or Stephen send a quick report to rms once you guys have
reached a conclusion?
Thanks!
Brandon
Christian Grothoff <address@hidden> writes:
> Hi!
>
> Aside from the usual caveats (NTRU is peer-reviewed, but still rather
> new and comparatively untested; there is also the probabilistic
> decryption mentioned already by Stephen), and some obvious disadvantages
> (huge key size, limited availability), I don't know that there is a
> clear security reason for -not- using it. However, as long as quantum
> cryptoanalysis (not quantum computing with a handful of bits) is not
> real, it is unclear if NTRU is actually going to be stronger than say a
> good curve. NTRU is better against a system that is hypothetical today.
> Experts I talked to said that there is a 10% chance that they are real
> in 10-30 years --- and a 89% chance that they won't ever be real.
>
> So the real question is if the GNU packages using NTRU should be trying
> to prepare for the 10% chance in 10-30 years. MOST should probably not
> do this. A few crypto libraries (libgcrypt, nettle, GnuPG) may (!) put
> this on their medium-term feature list, but any "normal" package should
> not touch this IMO -- they're much more likely to have security issues
> elsewhere.
>
> My 2 cents
>
> Christian
>
>
> On 11/24/13 21:07, Brandon Invergo wrote:
>> Hi guys,
>>
>> From rms:
>>
>>> Could you please ask people to look at
>>> https://github.com/NTRUOpenSourceProject/ntru-crypto/ and judge
>>> whether it is good for us to use?
>>
>>> They are not considering making it a GNU package, and I doubt that
>>> they ever will; but we might want GNU packages to use it, and that's
>>> the question I'd like people to study.
>>> Please report back to me after you've come to some conclusion.
>>
>> Can someone look into it for us?
>>
>> Thanks!
>> Brandon
>>
>
>
--
Brandon Invergo
http://brandon.invergo.net
pgpQGq05eiAhk.pgp
Description: PGP signature