This is a followup on infrastructure support for PQ-PGP keys.
On Wed, 1 Jan 2025 23:57:25 +0000, h...@anonymous.sex wrote:
I attempted to upload a post-quantum key created with GnuPG v2.5.1 to keys.openpgp.org. [...] I promptly reached out to supp...@keys.openpgp.org to ask when the infrastructure will support distribution of these keys to help users protect their long-term security.
The reply 13 hours later made it clear that rejection of my key was intentional, due to v5 packets being “nonstandard” and GnuPG being not “cooperative”.
I won’t ambush a volunteer answering support@ for a free keyserver, but I will publicly quote my own reply below. There has been no further response in the past 25 hours.
In any discussion of this issue, *please* be cogent and courteous, and focus on user security. I’m not married to GnuPG—but insofar as I can tell, GnuPG with its “nonstandard” v5 packets is currently the only free software option for post-quantum encrypted mail. What’s really important?
### Date: Thu, 2 Jan 2025 17:29:20 +0000 From: h...@anonymous.sex To: [REDACTED] Subject: Re: GnuPG post-quantum key upload failed. Message-ID: <69f5aa5e-0378-8956-bdcc-32c9949ed...@anonymous.sex> Thanks for your reply.
When will the keyserver support distribution of these keys to assist users in protecting their long-term security?[REDACTED]
If your org doesn’t want to distribute my v5 packet key with post-quantum subkey, would you please recommend a v6 packet implementation with not less than ky1024_cv448 security, which I can use *right now* and recommend to others? (Does keys.openpgp.org support v6 packet keys?)
I don’t know Werner Koch or any of the other involved personalities. I’ve sometimes casually read IETF WG mail. I have not yet formally reviewed the differences between LibrePGP (packet v5) and IETF OpenPGP (packet v6), which is more difficult because the IETF committee rewrote the standard instead of revising it. I presume that all parties on both sides are basically competent at the design of cryptographic protocols.
My perspective is that of an advanced user who practically has RFC 4880 memorized, who has tutored individuals gratis in PGP/GnuPG usage for >25 years, and who is very worried about the potential long-term security threat of quantum computing. Now a very frustrated user, being pushed to one side by default:
2025-01-01: Betamax v. VHS, and the future of PQ-PGP https://lists.gnupg.org/pipermail/gnupg-users/2025-January/067441.htmlThis is not a nice wishlist feature that can wait. I sometimes try to remember what messages I sent with RSA4096 decades ago, and wonder if the keys will be factored by any QC attacker with covert interception and long-term data retention; you?
https://www.technologyreview.com/2021/11/03/1039171/hackers-quantum-computers-us-homeland-security-cryptography/ https://en.wikipedia.org/wiki/Massive_Data_Repository https://microblog.cr.yp.to/1544456469038645248/index.html#1544469614133800960Nor should it wait. The NIST PQC process was so slow that when the final standard was published in August, everyone had had almost two years to get ready for what everyone pretty much knew would be Kyber. I take it as “we care about user security” that GnuPG v2.5.1 release notes claimed final standard support exactly 30 days after NIST published the standard, based on draft standard code that was in active testing for months before this. https://lists.gnupg.org/pipermail/gnupg-announce/2024q3/000485.html As it is, the NIST process was so tied up in red tape and personality conflicts that I’m *ashamed* that no one (including myself) was even less “cooperative” than WK; after all, “cypherpunks write code” and do not wait for interminable committees.
That is the perspective of a user who is resolved aggressively to stop using non-PQ encryption in 2025, but also does not want to cease communicating with other human beings.
With all due apologies for the long message: This is too important an issue to continue being quiet about.
-- # Remember these on Wednesday, January 15, 2025: https://web.archive.org/web/19971024171609/http://www.eff.org/blueribbon.html https://web.archive.org/web/19971114041230/http://www.eff.org/pub/Legal/Cases/ACLU_v_Reno/19970626_eff_cda.announce https://www.supremecourt.gov/search.aspx?filename=/docket/docketfiles/html/public/23-1122.html
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
