From 135990cf9cb894066565cbf56755d8d211d9593f Mon Sep 17 00:00:00 2001 From: Paul Hoffman Date: Fri, 25 Oct 2024 11:59:31 -0700 Subject: [PATCH] Got rid of all links --- draft-ietf-pquip-pqc-engineers.md | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/draft-ietf-pquip-pqc-engineers.md b/draft-ietf-pquip-pqc-engineers.md index 4756694..52beec1 100644 --- a/draft-ietf-pquip-pqc-engineers.md +++ b/draft-ietf-pquip-pqc-engineers.md @@ -220,6 +220,15 @@ informative: SIKE: title: "SIKE – Supersingular Isogeny Key Encapsulation" target: https://sike.org/ + SIDH-Attack: + title: "An efficient key recovery attack on SIDH" + target: https://eprint.iacr.org/2022/975.pdf + PQUIP-WG: + title: Post-Quantum Use In Protocols (pquip) Working Group + target: https://datatracker.ietf.org/group/pquip/documents/ + OQS: + title: Open Quantum Safe Project + target: https://openquantumsafe.org/ --- abstract 
@@ -325,7 +334,7 @@ The candidates still advancing for standardization are: * {{ClassicMcEliece}}: Based on the hardness of syndrome decoding of Goppa codes. Goppa codes are a class of error-correcting codes that can correct a certain number of errors in a transmitted message. The decoding problem involves recovering the original message from the received noisy codeword. * {{BIKE}}: Based on the the hardness of syndrome decoding of QC-MDPC codes. Quasi-Cyclic Moderate Density Parity Check (QC-MDPC) code are a class of error correcting codes that leverages bit flipping technique to efficiently correct errors. * {{HQC}}: Based on the hardness of syndrome decoding of Quasi-cyclic concatenated Reed Muller Reed Solomon (RMRS) codes in the Hamming metric. Reed Muller (RM) codes are a class of block error correcting codes used especially in wireless and deep space communications. Reed Solomon (RS) are a class of block error correcting codes that are used to detect and correct multiple bit errors. -* {{SIKE}} (Broken): Supersingular Isogeny Key Encapsulation (SIKE) is a specific realization of the SIDH (Supersingular Isogeny Diffie-Hellman) protocol. Recently, a mathematical attack () based on the "glue-and-split" theorem from 1997 from Ernst Kani was found against the underlying chosen starting curve and torsion information. In practical terms, this attack allows for the efficient recovery of the private key. NIST announced that SIKE was no longer under consideration, but the authors of SIKE had asked for it to remain in the list so that people are aware that it is broken. While SIKE is broken, isogenies in general remain an active area of cryptographic research due to their very attractive bandwidth usage, and yet more cryptographic primitives in the future may appear from this research area. +* {{SIKE}} (Broken): Supersingular Isogeny Key Encapsulation (SIKE) is a specific realization of the SIDH (Supersingular Isogeny Diffie-Hellman) protocol. 
Recently, a mathematical attack {{SIDH-Attack}} based on the "glue-and-split" theorem from 1997 from Ernst Kani was found against the underlying chosen starting curve and torsion information. In practical terms, this attack allows for the efficient recovery of the private key. NIST announced that SIKE was no longer under consideration, but the authors of SIKE had asked for it to remain in the list so that people are aware that it is broken. While SIKE is broken, isogenies in general remain an active area of cryptographic research due to their very attractive bandwidth usage, and yet more cryptographic primitives in the future may appear from this research area. # Timeline for Transition {#timeline} @@ -770,9 +779,9 @@ The ciphertext generated by a KEM is not necessarily directly linked to the shar A good book on modern cryptography is Serious Cryptography, 2nd Edition, by Jean-Philippe Aumasson, ISBN 9781718503847. -The Open Quantum Safe (OQS) project () is an open-source project that aims to support the transition to quantum-resistant cryptography. +The Open Quantum Safe (OQS) Project {{OQS}} is an open-source project that aims to support the transition to quantum-resistant cryptography. -The IETF's PQUIP Working group maintains a list of PQC-related protocol work within the IETF (). +The IETF's PQUIP Working Group {{PQUIP-WG}} maintains a list of PQC-related protocol work within the IETF. --- back
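Review bot: In the new `informative:` entries, the `title:` values for `PQUIP-WG` and `OQS` are unquoted while the neighbouring `SIKE` entry (and the new `SIDH-Attack` entry) quote theirs; quoting all three keeps the YAML front matter consistent and avoids surprises if a title ever contains a colon. The `SIDH-Attack` entry also carries only `title` and `target`, so the rendered reference will have no author or date; adding `author:` and `date:` fields (the ePrint 2022/975 paper is by Wouter Castryck and Thomas Decru, 2022) would make the citation complete, and pointing `target:` at the ePrint landing page rather than the `.pdf` gives readers the abstract and version history.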
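Review bot: The `{{SIKE}}` bullet is now split across two lines, with "Recently, a mathematical attack {{SIDH-Attack}} ..." starting at column 0 on the following line. kramdown treats an unindented continuation as a lazy continuation of the list item, so this should still render inside the bullet, but it is fragile and reads as a stray paragraph in the source; either keep the bullet on one line like the other entries in this list or indent the continuation by two spaces. While touching this line, "theorem from 1997 from Ernst Kani" reads awkwardly and could be "theorem from 1997 by Ernst Kani". The substance of the change is correct: it replaces the empty "()" left behind where the link used to be with the `{{SIDH-Attack}}` citation.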
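Review bot: The `{{OQS}}` and `{{PQUIP-WG}}` citations correctly replace the empty "()" placeholders in the OQS and PQUIP paragraphs, but the adjacent "A good book on modern cryptography is Serious Cryptography, 2nd Edition ... ISBN 9781718503847." line in the same hunk is left as an inline reference with no `informative:` entry, so this section now cites two of its three resources through the reference list and one inline. For consistency with the change being made here, consider adding an informative reference entry for the book as well and citing it the same way.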