Episode: 3147
Title: HPR3147: NIST's Quantum Cryptography Update
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3147/hpr3147.mp3
Transcribed: 2025-10-24 17:46:51

---
This is Hacker Public Radio Episode 3147 for Tuesday, 25 August 2020. Today's show is entitled "NIST's Quantum Cryptography Update", and is part of the series Privacy and Security. It is the 200th anniversary show of Ahuka, and is about 14 minutes long and carries a clean flag. The summary is: "NIST has concluded round two of the quantum encryption search and moved to round three."

This episode of HPR is brought to you by archive.org. Support universal access to all knowledge by heading over to archive.org/donate.
Hello, this is Ahuka, welcoming you to Hacker Public Radio and another exciting episode. And this time I'm going to do something from the security series, and that is going to be an update on the NIST quantum cryptography competition that is going on. And I'm recording this on August the 15th, based on July news.

So what is the news here? The National Institute of Standards and Technology, which is NIST, has been engaged in a program to find ways to securely encrypt messages in a world where there is quantum computing. Now, I previously wrote about it and recorded an HPR show. The HPR show was one that I did in August of 2019 to report on progress at that point, but there's some more progress. So I'm basing this on a release from NIST that came out in July of 2020.

So a little background on the issue. Encryption, as I'm sure many of you know, is central to how the internet operates. Websites that take credit card transactions have to create secure encrypted connections to keep your credit card number safe. In 2020, it is now rare to find any website that does not offer a secure connection, also known as HTTPS, by default. And one of the big reasons for that is that search engines have downgraded ordinary HTTP connections in their search results, either not showing them at all or showing them at the very end of all of the other options. Let's Encrypt, which you may have heard of, that's a program by the Electronic Frontier Foundation, has come through with free TLS certificates that anyone can use, and hosting companies are now offering this type of encryption to customers. My websites, for instance, have this simply by me checking a box on my control panel, so it couldn't be easier. And by the way, I've got a link to the Let's Encrypt site in the show notes. I put links to lots of things in the show notes, so if you have any questions, that would be the first place to go.

Now, businesses, of course, need to have secure connections to suppliers and other business partners. And in these days of the COVID-19 pandemic, when so many people are working from home, secure VPN connections are a necessity to link employees with their companies and their work assets like email and file access. With identity theft and spoofing, ordinary users need protection as well. And of course, the many people fighting against repressive governments have an obvious need.

Now, for most of the last few decades, the answer was public key cryptography, which we've discussed previously, based on the work of people like Whitfield Diffie, Martin Hellman, and Ralph Merkle, and made easily available by Phil Zimmermann's Pretty Good Privacy, or PGP. This technology enabled encryption that could not easily be broken if implemented correctly. The term of art used for this is that breaking such encryption was computationally infeasible. And for the last few decades, this has been true. The only changes needed were increasing the key length from time to time to keep up with improvements in computing.

Then along came quantum computing, which seemed to usher in an age where encryption would be useless, because what had been infeasible with classical computing would suddenly be feasible with quantum computing. For example, quantum computers can easily factor very large numbers into their component primes, and that's the background of the RSA algorithm. But it is a poor sword indeed that cannot cut both ways. It soon became clear that in the arms race between encryption and decryption, there would be a new form of quantum encryption that would make quantum decryption infeasible.

Now, just a note: I use this term infeasible, computationally infeasible, and what that generally means is something along the lines of requiring every computer on Earth operating together for millions of years to decrypt the message. You can do the math on that one, and I have done it previously.

Now, the NIST challenge enters into this because NIST was following this; they are the government agency charged with setting standards for encryption. And they have in general done a good job, although they did get burned in the elliptic curve standard when some folks from the NSA in all likelihood got them to approve a standard that had a back door vulnerability in it. This experience does seem to have gotten them to be more careful, though, and I'm not aware of any better candidate for stewardship of the standards at this point.

So what NIST did: they set up a competition for various teams, primarily from industry and academia, to submit proposed encryption methods for review. This process began in December of 2016 with a call for submissions, again linked in the show notes, and within a year 69 submissions that met all the requirements and the minimum acceptance criteria were received. These submissions could then be tested by researchers, and some vulnerabilities could be found. Now, it would be nice to say that all vulnerabilities would be found, but it doesn't work that way. Even approved standards can have vulnerabilities that get discovered later, which is why ongoing testing and research is necessary, and why standards will change over time. This is also why someone who claims that their encryption algorithm is a trade secret is telling you you should never use that algorithm. Secrets don't work in this, oddly enough.
Now, in January of 2019, that group of 69 was winnowed down to 26. And because the future capabilities of quantum computers were unclear, this group reflected a variety of approaches. Now, as I said then, quoting him (and I'm referring to Matthew Scholl, Chief of the Computer Security Division at NIST), he did make clear that NIST is not looking for a single algorithm, or even a specific number of algorithms, which may be a good thing. One thing we know from experience is that monocultures can fall to a single vulnerability. And it looks like they expect that different needs will lead to different algorithms being used. Now, quoting Matthew Scholl: "This is to ensure that we have some resilience, so that when a quantum machine actually comes around, not being able to fully understand the capability or effect of those machines at this point, having more than one algorithm with some different genetic mathematical foundations will ensure that we have a little more resiliency in that kit going forward." Again, link in the show notes.

Now, NIST has concluded that second round of testing, and put a notice out in July of 2020 called "Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process". And this officially kicks off round three with what are now 15 candidates to be standards. Now, of these 15, seven are far enough along that if they survive this round of testing, they will become approved standards. The other eight will continue the process, but it is not anticipated that they will receive approval after round three.

Now, of the seven that are pretty far along, four of them are proposed standards for public key encryption and key establishment, and they are Classic McEliece, CRYSTALS-Kyber, NTRU, and SABER. Then there are three proposed standards for digital signatures: CRYSTALS-Dilithium, FALCON, and Rainbow. Now, what the seven proposals have in common is that they are more general purpose and could find wide adoption fairly easily on that account, so it made sense to push them into the high priority group. The other eight algorithms are ones that either need more work or are targeted to more specific applications, so their participation in round three is expected to be additional development and not leading to final approval. Now, these eight are BIKE, FrodoKEM, HQC, NTRU Prime, SIKE, GeMSS, Picnic, and SPHINCS+.

Now, the goal, according to NIST mathematician Dustin Moody, is, and I quote: "The likely outcome is that at the end of this third round, we will standardize one or two algorithms for encryption and key establishment, and one or two others for digital signatures," he said. "But by the time we are finished, the review process will have been going on for five or six years, and someone may have had a good idea in the interim. So we'll find a way to look at newer approaches too." Again, link in the show notes. So this research is ongoing, as it should be.
I consistently refer to this as an arms race because that is the most accurate description, and I'm going to go to Bruce Schneier and quote him, and he said, "There's an old saying inside the NSA: attacks always get better, they never get worse." So whenever clever hackers find ways to break encryption, other clever hackers find ways to prevent the exploits.

But this leads to a few conclusions worth pointing out.

First, encryption is never eternal. Just because it was secure when you first encrypted something does not mean it is secure 20 years later when the technology has changed. If you need to keep something secure for long time periods, you should not rely on encryption alone. You've got to do the belt and suspenders thing. Now there's an NSA facility in Utah called the Utah Data Center that's been storing up messages, we're pretty sure. The NSA does not put out press releases announcing what they're doing, if you know what I mean. But we're pretty sure they've been storing up a whole bunch of messages for a number of years now. They will eventually be able to decrypt all of those messages. In fact, they've probably decrypted a good many already. So that's just reality.

Now, second thing. For most purposes, digital signatures are perfectly safe. Needing to verify the sender 20 years later is a very rare case. Mostly you are verifying the sender and message at the time. And for that purpose, the current state of the art encryption is always going to be good enough. Similarly, for most purposes, encryption for TLS and VPN are fine. Again, you are trying to achieve security at the moment. I'm using TLS to log into a website to maybe make a purchase now, or I'm using VPN to tunnel into my work network now. So the current state of the art is going to be fine for things like that. If someone wants to hack my login to Amazon in 20 years, I doubt it will matter much. I'm not saying that you can't imagine some scenario where maybe this stuff does matter, but at least understand you're probably having to strain yourself coming up with something.

Now, the final conclusion. If someone tries to tell you quantum computing will kill encryption for all of us, you can confidently assure them it is not true. We are building the tools to assure encryption in the post-quantum world.

And with that, this is Ahuka for Hacker Public Radio signing off and reminding you to support free software. Bye-bye.
You've been listening to Hacker Public Radio at HackerPublicRadio.org. We are a community podcast network that releases shows every weekday, Monday through Friday. Today's show, like all our shows, was contributed by an HPR listener like yourself. If you ever thought of recording a podcast, then click on our Contributing link to find out how easy it really is. Hacker Public Radio was founded by the Digital Dog Pound and the Infonomicon Computer Club, and is part of the binary revolution at binrev.com. If you have comments on today's show, please email the host directly, leave a comment on the website, or record a follow-up episode yourself. Unless otherwise stated, today's show is released under a Creative Commons Attribution-ShareAlike 3.0 license.