pie in sky suites - long lived public key pairs for persistent identity
coderman
coderman@gmail.com
Fri Jan 3 11:42:47 PST 2014
use case is long term (decade+) identity rather than privacy or
session authorization.
eternity key signs working keys tuned for speed with limited secret
life span (month+). working keys are used for secret exchange and any
other temporal purpose.
you may use any algorithms desired; what do you pick?
Curve3617+NTRU eternity key
Curve25519 working keys
ChaCha20+Poly1305-AES for sym./mac
?
this assumes key agility by signing working keys with all eternity
keys, and promoting un-broken suites to working suites as needed. you
cannot retro-actively add new suites to eternity keys; these must be
selected and generated extremely conservatively.
other questions:
- would you include another public key crypto system with the above?
(if so, why?)
- does GGH signature scheme avoid patent mine fields? (like NTRU patents)
- is it true that NSA does not use any public key scheme, nor AES, for
long term secrets?
- are you relieved NSA has only a modest effort aimed at keeping an
eye on quantum cryptanalysis efforts in academia and other nations?
best regards,
More information about the cypherpunks
mailing list