Hi! The aes256-ctr is secure iff the exchange of keys is secure. The key exchange needs to use a post-quantum algorithm for this, which in turn returns to the need for post-quantum crypto. The NIST list is a good list in which to find some binding or pure Go version. :-)
Thanks! :-)

On Saturday, June 8, 2019 at 03:37:54 UTC-3, Marcin Romaszewicz wrote:
> The NIST publishes some recommendations for applied cryptography, and they've amended their recommendations recently away from some quantum-weak algorithms. Here's a good starting point for reading.
> <https://csrc.nist.gov/Projects/Cryptographic-Standards-and-Guidelines>
>
> Your biggest cryptography problems for the next decade or two will be how to actually properly apply cryptography. The algorithms aren't your weak point, operational security around them is the weak point. I spent the last few years in this domain.
>
> No mainstream cyphers are currently quantum resistant, but there is work with elliptic curves which looks promising. Put another way, Shor's and Grover's algorithms break all mainstream public key cryptography, however, lots of symmetric algorithms are not currently known to be quantum weak, but the difficulty is now key exchange (swapping USB sticks under a bridge is quantum resistant :) ). Also, I wrote that carefully - "not known" to be quantum weak, meaning that we don't know if an algorithm exists yet which could break it, but it could in the future. The super short version: use AES 256 and you'll be fine for a long time. Be careful with how you exchange keys.
>
> -- Marcin
>
> On Fri, Jun 7, 2019 at 5:23 PM Michael Jones <michae...@gmail.com> wrote:
>
>> Your question is maybe a decade premature. Post-quantum cryptography, as in, “now that quantum encryption is here and understood, we have tools to build public key mechanisms provably safe for 50+ years in this post-quantum environment,” is mostly a sentence from the future.
>>
>> I have patents pending in related areas, have investments in a working satellite-based quantum entanglement key distribution and security service, and have had conversations with S&T leaders in a certain three letter agency — but even so, it still feels like baby steps into a vast and not yet understood frontier. Relatedly but different, I keep a database of numbers factored publicly by quantum computers and keep tabs on the subject...as of today, even the biggest of these are numbers Fermat could have done by hand.
>>
>> So, it will be interesting to see what kind of answers you get to your question. If anyone has a solid, “yes I know just what to do” then bravo! the world will beat a path to their door. (Beat here is in the metaphorical sense of “blaze a trail through the jungle to reach you” as well as the ominous “beat the answer out of you in the name of national security” sense.)
>>
>> On Fri, Jun 7, 2019 at 4:35 PM Daniel Norte Moraes <daniel...@gmail.com> wrote:
>>
>>> Hi!
>>>
>>> Is there post-quantum public key cryptography in Go? Or bindings to Go?
>>>
>>> My need is just key creation, encryption and decryption.
>>>
>>> Many thanks in advance!
>>
>> --
>> *Michael T. Jones michae...@gmail.com*