[IPsec] New Liaison Statement, "LS on ITU-T SG17 work on quantum-safe PKI"

Wed, 13 Sep 2017 08:26:11 -0700 

Title: LS on ITU-T SG17 work on quantum-safe PKI
Submission Date: 2017-09-13
URL of the IETF Web page: https://datatracker.ietf.org/liaison/1541/

From: Jean-Paul Lemaire <jean-paul.lema...@univ-paris-diderot.fr>
To: David Waltermire <david.walterm...@nist.gov>,Tero Kivinen 
<kivi...@iki.fi>,Russ Housley <hous...@vigilsec.com>
Cc: David Waltermire <david.walterm...@nist.gov>,IP Security Maintenance and 
Extensions Discussion List <ipsec@ietf.org>,itu-t-liai...@iab.org,Limited 
Additional Mechanisms for PKIX and SMIME Discussion List <sp...@ietf.org>,Russ 
Housley <hous...@vigilsec.com>,Scott Mansfield 
<scott.mansfi...@ericsson.com>,Kathleen Moriarty 
<kathleen.moriarty.i...@gmail.com>,Tero Kivinen <kivi...@iki.fi>,Eric Rescorla 
<e...@rtfm.com>
Response Contacts: jean-paul.lema...@univ-paris-diderot.fr
Technical Contacts: 
Purpose: For information

Body: ITU-T Study Group 17 is pleased to inform you that in our 
August/September 2017 meeting we agreed to start work on the inclusion of a 
proposal to include optional support for multiple public-key algorithms in 
Recommendation ITU-T X509 | ISO/IEC 9594-8.

The industry is preparing ICT systems to be resistant to attacks by large-scale 
quantum computers in addition to more sophisticated attacks by conventional 
computing resources. Proposed was an optional feature to the X.509 certificate 
that provides a seamless migration capability to existing PKI systems, and is 
completely backwardly compatible with existing systems.

While public-key key establishment algorithms are typically negotiated between 
peers and are generally fairly simple to update, the authentication systems 
typically rely on a single digital signature algorithm which are more difficult 
to update. This is because of the circular dependency between PKI-based 
identity systems and the dependent communication protocols. In order to update 
a PKI system, one would typically need to create a duplicate PKI system that 
utilizes a new digital signature algorithm and then migrate all the dependent 
systems one by one.

This proposal eliminates the need to create such duplicate PKI systems by 
adding optional extensions to contain alternate public key and alternate 
signature, and a method for the CA to sign certificates using a layered 
approach to ensure that every attribute is authenticated by both signatures. 
The resulting certificate, while containing new quantum safe public key and 
signature, can still be used by existing systems relying on the classic public 
key and signature.
Attachments:

    sp16-sg17-oLS-00068
    
https://www.ietf.org/lib/dt/documents/LIAISON/liaison-2017-09-13-itu-t-sg-17-ipsecme-lamps-ls-on-itu-t-sg17-work-on-quantum-safe-pki-attachment-1.pdf

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Reply via email to