crypto.html
<!DOCTYPE html>
<html lang="en">
<head>
<!-- 2024-01-01 Mon 22:48 -->
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Post-Quantum Crypto/Cryptanalysis</title>
<meta name="generator" content="Org mode">
<meta name="author" content="jbh">
<style type="text/css">
<!--/*--><![CDATA[/*><!--*/
.title { text-align: center;
margin-bottom: .2em; }
.subtitle { text-align: center;
font-size: medium;
font-weight: bold;
margin-top:0; }
.todo { font-family: monospace; color: red; }
.done { font-family: monospace; color: green; }
.priority { font-family: monospace; color: orange; }
.tag { background-color: #eee; font-family: monospace;
padding: 2px; font-size: 80%; font-weight: normal; }
.timestamp { color: #bebebe; }
.timestamp-kwd { color: #5f9ea0; }
.org-right { margin-left: auto; margin-right: 0px; text-align: right; }
.org-left { margin-left: 0px; margin-right: auto; text-align: left; }
.org-center { margin-left: auto; margin-right: auto; text-align: center; }
.underline { text-decoration: underline; }
#postamble p, #preamble p { font-size: 90%; margin: .2em; }
p.verse { margin-left: 3%; }
pre {
border: 1px solid #ccc;
box-shadow: 3px 3px 3px #eee;
padding: 8pt;
font-family: monospace;
overflow: auto;
margin: 1.2em;
}
pre.src {
position: relative;
overflow: visible;
padding-top: 1.2em;
}
pre.src:before {
display: none;
position: absolute;
background-color: white;
top: -10px;
right: 10px;
padding: 3px;
border: 1px solid black;
}
pre.src:hover:before { display: inline;}
/* Languages per Org manual */
pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-fortran:before { content: 'Fortran'; }
pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-haskell:before { content: 'Haskell'; }
pre.src-hledger:before { content: 'hledger'; }
pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-lua:before { content: 'Lua'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; }
caption.t-above { caption-side: top; }
caption.t-bottom { caption-side: bottom; }
td, th { vertical-align:top; }
th.org-right { text-align: center; }
th.org-left { text-align: center; }
th.org-center { text-align: center; }
td.org-right { text-align: right; }
td.org-left { text-align: left; }
td.org-center { text-align: center; }
dt { font-weight: bold; }
.footpara { display: inline; }
.footdef { margin-bottom: 1em; }
.figure { padding: 1em; }
.figure p { text-align: center; }
.equation-container {
display: table;
text-align: center;
width: 100%;
}
.equation {
vertical-align: middle;
}
.equation-label {
display: table-cell;
text-align: right;
vertical-align: middle;
}
.inlinetask {
padding: 10px;
border: 2px solid gray;
margin: 10px;
background: #ffffcc;
}
#org-div-home-and-up
{ text-align: right; font-size: 70%; white-space: nowrap; }
textarea { overflow-x: auto; }
.linenr { font-size: smaller }
.code-highlighted { background-color: #ffff00; }
.org-info-js_info-navigation { border-style: none; }
#org-info-js_console-label
{ font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<style> body {background-color: #fafad2} </style>
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
JavaScript code in this tag.
Copyright (C) 2012-2020 Free Software Foundation, Inc.
The JavaScript code in this tag is free software: you can
redistribute it and/or modify it under the terms of the GNU
General Public License (GNU GPL) as published by the Free Software
Foundation, either version 3 of the License, or (at your option)
any later version. The code is distributed WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU GPL for more details.
As additional permission under GNU GPL version 3 section 7, you
may distribute non-source (e.g., minimized or compacted) forms of
that code without the copy of the GNU GPL normally required by
section 4, provided you include this license notice and a URL
through which recipients can access the Corresponding Source.
@licend The above is the entire license notice
for the JavaScript code in this tag.
*/
<!--/*--><![CDATA[/*><!--*/
function CodeHighlightOn(elem, id)
{
var target = document.getElementById(id);
if(null != target) {
elem.cacheClassElem = elem.className;
elem.cacheClassTarget = target.className;
target.className = "code-highlighted";
elem.className = "code-highlighted";
}
}
function CodeHighlightOff(elem, id)
{
var target = document.getElementById(id);
if(elem.cacheClassElem)
elem.className = elem.cacheClassElem;
if(elem.cacheClassTarget)
target.className = elem.cacheClassTarget;
}
/*]]>*///-->
</script>
</head>
<body>
<div id="content">
<header>
<h1 class="title">Post-Quantum Crypto/Cryptanalysis</h1>
</header><nav id="table-of-contents">
<h2>Table of Contents</h2>
<div id="text-table-of-contents">
<ul>
<li><a href="#org9459222">Moved</a></li>
<li><a href="#org577bfca">Begin</a>
<ul>
<li><a href="#orga89d49c">Basic concepts and intro</a></li>
<li><a href="#org0e71e35">Public-key & Symmetric crypto</a></li>
<li><a href="#orga585a5f">Counter-strategies against surveillance</a></li>
</ul>
</li>
</ul>
</div>
</nav>
<div id="outline-container-org9459222" class="outline-2">
<h2 id="org9459222">Moved</h2>
<div class="outline-text-2" id="text-org9459222">
<p>
I had to move this to <a href="https://learnaifromscratch.github.io/theabsolutestateofsoftware.html">here</a>, where I'll go through Tanja Lange's PQ crypto course. Originally I was going to do all the courses but out of nowhere TU/e locked up all the lectures and assignments.
</p>
<hr>
<p>
OLD TEXT
</p>
<p>
There is a variety of <a href="http://www.hyperelliptic.org/tanja/teaching.html">courses</a> we can take by Tanja Lange at TU/e, who together with Daniel Bernstein (also now at TU/e) are the premier researchers in post-quantum cryptography and cryptanalysis. If you're wondering why this is all done out of countries like the Netherlands now, it's because it is impossible to build crypto in many other countries due to crazy export laws and standards-body <a href="https://blog.cr.yp.to/20220805-nsa.html">sabotage</a>.
</p>
<p>
Let's try <i>Selected Areas in Cryptology</i> mixing the 2023/2021 versions.
</p>
<ul class="org-ul">
<li>In the <a href="http://hyperelliptic.org/tanja/teaching/pqcrypto23/">first part</a> Tanja teaches a crash course on existing crypto and on the new post-quantum crypto research going on. Most of the exercises are breaking things.</li>
<li>The <a href="https://homepages.cwi.nl/~stevens/mastermath/2023/">second part</a> covers cryptanalysis techniques. We can try some <a href="https://cryptopals.com/">Cryptopals</a> and <a href="https://mysterytwister.org/home/welcome/">MysteryTwister</a> challenges too.</li>
</ul>
</div>
</div>
<div id="outline-container-org577bfca" class="outline-2">
<h2 id="org577bfca">Begin</h2>
<div class="outline-text-2" id="text-org577bfca">
<p>
I'm starting with the recommended 2022 <a href="http://hyperelliptic.org/tanja/teaching/pqcrypto22/">videos</a> as prereqs.
</p>
<ul class="org-ul">
<li><a href="https://www.youtube.com/watch?v=dEpk4ZxceeY">Motivation and Intro</a> - Prof Tanja Lange</li>
</ul>
<p>
They already have quantum virtual machines to design and simulate quantum algorithms, and <a href="https://www.ibm.com/quantum">quantum cloud</a> services where IBM has a 433-qubit 'premium plan' available to the general public to run algorithms. Google/IBM are promising a 4000-qubit machine in 2025, while it's generally agreed you only need 300 qubits for 'quantum <a href="https://spectrum.ieee.org/qubit-supremacy">supremacy</a>'.
</p>
<p>
Are any of these qubit claims by IBM/Google true, or just marketing? Who knows, but this motivation lecture explains that we should be ready anyway and start using post-quantum crypto now, as all our countries are storing network data on a massive scale in order to break it years later for various illicit political purposes. She actually shows the NSA Utah Data Center that vacuums up and holds the world's data in football-field-sized buildings, and notes the problems with existing software update signatures, because they are never going to tell the public when they've achieved the ability to forge software update keys.
</p>
</div>
<div id="outline-container-orga89d49c" class="outline-3">
<h3 id="orga89d49c">Basic concepts and intro</h3>
<div class="outline-text-3" id="text-orga89d49c">
<p>
Watching <a href="https://youtu.be/MyZLazQEkSk">this video</a>: channels spying on our data, and modifying it.
</p>
<p>
Tails and Qubes OS are mentioned. Tails is one of those 'anonymous live CD' type distros where the idea used to be that you would insert a USB stick (once upon a time just a CD/DVD), boot the shadow system and it would only live in temporary RAM and (hopefully) never touch the disk. You'd do whatever you're doing and then shut it down and there was (again hopefully) no evidence you used that computer. I'm not up to date on h4xor meme OS's but last I heard a few years ago nobody could verify that Tails or its many clones actually wiped the memory upon shutdown. The idea of Qubes is a modified Xen hypervisor where every application is running in its own virtual space, so your browser can't access your data or other applications because there is hypervisor-enforced separation. Does this work? DJ Bernstein seemed to think so and was an active contributor to the Qubes mailing list when Joanna ran it, for example writing his own memory-efficient VM command/status tool (because the Qubes VM tool was trash). Joanna Rutkowska, who was the chief security architect and founder, is no longer involved and they literally scrubbed her identity from the Wikipedia page, so I have no idea who's running it now.
</p>
</div>
</div>
<div id="outline-container-org0e71e35" class="outline-3">
<h3 id="org0e71e35">Public-key & Symmetric crypto</h3>
<div class="outline-text-3" id="text-org0e71e35">
<p>
Watching <a href="https://www.youtube.com/watch?v=t-LCkSr2m9c">this video</a> from the <a href="http://hyperelliptic.org/tanja/teaching/pqcrypto22/">prereqs</a>. You probably already know about GnuPG or how public keys work. The way this used to work is you would post your public key and people who actually knew you would sign it, authenticating that indeed it's your key. Of course the problem is that if your key gets compromised then all past messages can be decrypted, since you aren't generating a new key for each message.
</p>
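<p>
The point above about one long-term key covering every message, as an added Python toy that is not from the page or the course: static Diffie-Hellman beside per-message ephemeral keys, with a network recorder that later obtains the long-term private keys and tries to read its archive. The group parameters, cipher, messages and function names are all constructed for this example and are not a real parameter set.
</p>

```python
import hashlib
import secrets

P = 2**127 - 1   # toy modulus (Mersenne prime); stand-in for a real DH group, not a safe prime
G = 3            # toy generator


def keygen():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def session_key(my_priv, peer_pub):
    """Hash the DH shared secret g^(ab) into a 32-byte key."""
    shared = pow(peer_pub, my_priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def xor_stream(key, data):
    """Demo stream cipher (constructed for the example): block i = SHA-256(key || i)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def run_protocol(messages, forward_secret):
    """Alice sends each message to Bob; return (transcript, long-term privs).
    The transcript is what a network recorder sees: the public values on the
    wire plus the ciphertext. forward_secret=False reuses the long-term keys
    for every message; True uses fresh key pairs per message, discarded after
    use (the long-term keys would then only sign them, omitted here)."""
    a_priv, a_pub = keygen()
    b_priv, b_pub = keygen()
    transcript = []
    for msg in messages:
        if forward_secret:
            ea_priv, ea_pub = keygen()
            eb_priv, eb_pub = keygen()
            key = session_key(ea_priv, eb_pub)
            assert key == session_key(eb_priv, ea_pub)   # Bob derives the same key
            transcript.append((ea_pub, eb_pub, xor_stream(key, msg)))
            del ea_priv, eb_priv                         # ephemeral secrets destroyed
        else:
            key = session_key(a_priv, b_pub)
            transcript.append((a_pub, b_pub, xor_stream(key, msg)))
    return transcript, (a_priv, b_priv)


def recover_after_leak(transcript, leaked_privs):
    """Recorder later obtains the long-term private keys; decrypt what it can."""
    recovered = []
    for sender_pub, receiver_pub, ct in transcript:
        for priv in leaked_privs:
            if pow(G, priv, P) == sender_pub:
                recovered.append(xor_stream(session_key(priv, receiver_pub), ct))
                break
            if pow(G, priv, P) == receiver_pub:
                recovered.append(xor_stream(session_key(priv, sender_pub), ct))
                break
        else:
            recovered.append(None)   # nothing on the wire matches a leaked key
    return recovered
```

With the static variant every archived message falls to a single later key compromise; with the ephemeral variant the same leak yields nothing, which is the property the video calls for.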
</div>
</div>
<div id="outline-container-orga585a5f" class="outline-3">
<h3 id="orga585a5f">Counter-strategies against surveillance</h3>
<div class="outline-text-3" id="text-orga585a5f">
<p>
Jacob Appelbaum disappeared after being cancelled and got his PhD under DJ Bernstein and Tanja Lange in the Netherlands, studying post-quantum security. There is a very good recent interview <a href="https://www.youtube.com/watch?v=ujeUGAT5D-s">here</a>. Let's skim through his PhD dissertation <i>Communication in a world of pervasive surveillance: Sources and Methods: Counter-strategies against pervasive surveillance architecture</i>, which you can get <a href="https://research.tue.nl/nl/publications/communication-in-a-world-of-pervasive-surveillance-sources-and-me">here</a>. Reading the intro, he singles out the US, but there is effectively just a single country now called the <a href="https://en.wikipedia.org/wiki/Five_Eyes">Fourteen Eyes</a> who pool their resources for one gigantic intel budget, sharing all the tech to spy on themselves and the rest of planet earth, so the US is just one piece alongside 13 other countries doing mass surveillance.
</p>
<p>
The paper he talks about on page 5, <i>Another Look</i>, is <a href="https://eprint.iacr.org/2019/1336.pdf">here</a> and is an interesting skim on how 'provable security' is misleading: if you extract the assumptions out of any proof and show they don't hold, you've invalidated the security proof, and they give 14 recent examples where assumptions did not hold. The authors also point out that in 2018 over 24 new papers per week with 'security proofs' of protocols, or 1251 per year, were published on eprint.iacr.org and there is just no way to verify them all. Section 5.1.3: "If the IACR some day decides to give a special award to the most prolific flaw-spotter, our nomination for this honor would be <a href="https://www.isical.ac.in/~mridul/">Mridul Nandi</a> of the Indian Statistical Institute. Nandi and coauthors have found fallacies in security proofs for several types of protocols." They must be breaking them for class projects in the grad courses he teaches. This is definitely a paper to save and read during the cryptanalysis part of the course we're doing.
</p>
<p>
Page 7 covers the clown show that is the Internet Engineering Task Force (IETF). Daniel J. Bernstein has a large posting history in those working groups, like the CFRG, exposing sabotage and writing very lengthy responses deconstructing protocols and proving they are worthless. For example, if you read his messages on mailarchive.ietf.org he repeatedly warns that the patents on many proposed lattice-based cryptosystems are a complete minefield waiting to be stepped on, as the holder surely won't say anything until one of those cryptosystems is standardized, and then they can start suing.
</p>
<p>
The rest of this chapter is teenage-political-activist tier and more like a blog post than a dissertation; skip to chapter 2, which is what we came here for. It's nice when papers give you a crash course.
</p>
<p>
<a href="https://learnaifromscratch.github.io/theabsolutestateofsoftware.html">MOVED</a>
</p>
</div>
</div>
</div>
</div>
</body>
</html>