Hi,
I meant "vpndialer" part first :)
as for PQ crypto - I played with it, however, it is currently far from
worldwide adoption (if that would have been implemented as openssl loadable
engine, it would be more luck....)
ср, 4 июл. 2018 г. в 5:17, Kevin Kane <kk...@microsoft.com>:
> Hello all,
>
> Thanks to Jon for making the introduction. My team works on post-quantum
> (PQ) cryptography, which is algorithms used by regular computers but which
> are resistant to attack by a sufficiently powerful quantum computer. This
> OpenVPN fork is an example application we released so the public could
> experiment with it.
>
> The following sites have information on what we're doing:
>
> Our openvpn, openvpn-build, and openvpn-gui forks are subprojects of the
> following repo: https://github.com/Microsoft/PQCrypto-VPN
>
> I just realized there are no back-pointers from the subprojects back to
> the main repo. I've just corrected that.
>
> On this site are scripts and instructions for doing our custom build of
> OpenVPN for Windows and Linux, to use the PQ crypto-enabled fork of OpenSSL
> we use, and how to properly configure it for PQ crypto. We also provide
> instructions for building an image for a Raspberry Pi to be used as a wifi
> access point that tunnels all traffic to a remote server protected by PQ
> key exchange. We also have released pre-built Linux x64 and Windows
> binaries. Our current build process works but there is plenty of room for
> improvement.
>
> A more in-depth description of the PQ VPN is here:
> https://www.microsoft.com/en-us/research/project/post-quantum-crypto-vpn/
>
> And our introduction to post-quantum cryptography overall is here:
> https://www.microsoft.com/en-us/research/project/post-quantum-cryptography/
>
> As Jon said, these algorithms are experimental and so it would be
> inappropriate to introduce them into production code until the
> standardization and thorough analysis by the cryptographic community are
> completed. When that happens, we want to be ready to quickly integrate
> these algorithms into existing software. My colleagues are already
> contributing to a PQ crypto-enabled fork of OpenSSL (
> https://github.com/open-quantum-safe/openssl), and similarly we believe
> there is value in maintaining a PQ-enabled fork of OpenVPN, so that both
> are ready when there is consensus on a standard.
>
> I will be updating the fork to track the forward progress of both the
> PQ-enabled OpenSSL fork and OpenVPN as time allows, but I welcome the
> participation of anyone who's interested in helping with the updates or
> making other improvements, as well as any suggestions you may have on
> future directions for this work.
>
> -----Original Message-----
> From: Jon Kunkee
> Sent: Tuesday, July 3, 2018 4:20 PM
> To: Samuli Seppänen <sam...@openvpn.net>; Илья Шипицин <
> chipits...@gmail.com>; Kevin Kane <kk...@microsoft.com>
> Cc: openvpn-devel <openvpn-devel@lists.sourceforge.net>
> Subject: Upstreaming pqcrypto changes from microsoft/openvpn
>
> Hi,
>
> (Retitling thread from RE: [Openvpn-devel] Topics for the community
> meeting (Wed, 13th June 2018))
>
> > do you know this activity https://github.com/Microsoft/openvpn/ ?
> > there are interesting things
>
> There are *very* interesting things there!
>
> > Do you know if Kevin (or his manager/team) plans to push his work
> upstream (i.e. to us) at some point?
>
> Samuli and Илья, I'd like to introduce you to Kevin Kane. He is the
> current maintainer of the Microsoft\openvpn pqcrypto branch on Github.
>
> He is working on developing encryption standards that are resistant to
> quantum-mechanics-based attacks. This includes taking existing products and
> adding experimental implementations of the experimental standards to
> them—including OpenVPN and OpenSSL. Over time these new techniques will be
> studied, refined, tested, and otherwise hammered on in the furnace of
> open-source cryptography until they gain some measure of trust.
>
> Both the experimental and untested nature of his work mean that no, his
> code isn’t ready to be merged into OpenVPN/master…yet!
>
> In the meantime, he would love to work with someone from the OpenVPN
> community—or even the organization itself—to make the connection official
> and to refine his additions. Some of the needed refinement requires
> familiarity with the overall build system, while a forward-looking
> cryptographer or protocol guru might take interest in what's developing
> under the hood.
>
> I don't know much about the current status of the project, but Kevin is
> happy to answer questions and would love to hear from you.
>
> Thanks,
> Jon
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
