Cloudflare targets 2029 for full post-quantum security

Posted by ilreb 7 hours ago

Cloudflare targets 2029 for full post-quantum security(blog.cloudflare.com)

201 points | 65 commentspage 2

Sattyamjjain 3 hours ago|

[dead]

heliumtera 6 hours ago||

And that changes what?

bwesterb 5 hours ago||

If we do our job, it changes nothing. Problem with security generally: no spectacle if it's all correct. :)

ljhsiung 3 hours ago|||

"Nothing happened for y2k" energy

ezfe 6 hours ago||

It would mean that they're future-proofing their security

ls612 6 hours ago|

The secrecy around this is precisely the opposite of what we saw in the 90s when it started to become clear DES needed to go. Yet another sign that the global powers are preparing for war.

tptacek 6 hours ago||

What do you mean? For as long as I remember (back to late 1994) people understood DES to be inadequate; we used DES-EDE and IDEA (and later RC4) instead. What "secrecy" would there have been? The feasibility of breaking DES given a plausible budget goes all the way back to the late 1970s. The first prize given for demonstrating a DES break was only $10,000.

adrian_b 5 hours ago|||

Triple-key DES (DES-EDE) had already been proposed by IBM in 1979, in response to the criticism that the 56-bit keys of DES are far too short.

So practically immediately after DES was standardized, people realized that NSA had crippled it by limiting the key length to 56 bits, and they started to use workarounds.

Before introducing RC2 and RC4 in 1987, Ronald Rivest had used since 1984 another method of extending the key length of DES, named DESX, which was cheaper than DES-EDE as it used a single block cipher function invocation. However, like also RC4, DESX was kept as a RSA trade secret, until it was leaked, also like RC4, during the mid nineties.

IDEA (1992, after a preliminary version was published in 1991) was the first block cipher function that was more secure than DES and which was also publicly described.

ls612 4 hours ago|||

People were willing to explicitly explain why it was inadequate rather than keep it secret. That is the difference.

tptacek 4 hours ago||

What was to explain? It had a 56-bit key.

ls612 2 hours ago||

Was that the only thing wrong with it? The 90s was definitely before my time but I was under the impression reading about it that there were also fundamental flaws with DES which lead to the competition which ultimately produced AES.

tptacek 2 hours ago||

Yes, that was what was wrong with DES. I mean, it also had an 8-byte block size, which turns out to be inadequate as well, but that's true of IDEA and Blowfish as well.

NitpickLawyer 6 hours ago||

My read of the recent google blog post is that they framed it as cryptocurrency related stuff just so they don't say the silent thing out loud. But lots of people "in the know" / working on this are taking it much more seriously than just cryptobros go broke. So my hunch is that there's more to it and they didn't want to say it / couldn't / weren't allowed to.

adrian_b 6 hours ago|||

It should be noted that quantum computers are a threat mainly for interactions between unrelated parties which perform legal activities, e.g. online shopping, online banking, notarized legal documents that use long-term digital signatures.

Quantum computers are not a threat for spies or for communications within private organizations where security is considered very important, where the use of public-key cryptography can easily be completely avoided and authentication and session key exchanges can be handled with pre-shared secret keys used only for that purpose.

dadrian 3 hours ago||||

I will bring this up at the next meeting of the secret cryptographer cabal where we decide what information to reveal to non-cryptographers.

IncreasePosts 6 hours ago|||

What is "it" that you're referring to?

wil421 5 hours ago||

> mitigating harvest-now/decrypt-later attacks.

Most likely the NSA or someone else is ahead of the game and already has a quantum computer. If the tech news rumors are to true the NSA has a facility in Utah that can gather large swaths of the internet and process the data.

bookofjoe 3 hours ago||

This?: https://nsa.gov1.info/utah-data-center/

tonfa 3 hours ago||

FYI this is a parody website. (in case it's not obvious)

bookofjoe 1 hour ago||

It wasn't obvious to me!