Post-Quantum Use In Protocols (pquip) Internet Drafts


      
Terminology for Post-Quantum Traditional Hybrid Schemes

draft-ietf-pquip-pqt-hybrid-terminology-02.txt
Date: 02/02/2024
Authors: Florence D
Working Group: Post-Quantum Use In Protocols (pquip)
One aspect of the transition to post-quantum algorithms in cryptographic protocols is the development of hybrid schemes that incorporate both post-quantum and traditional asymmetric algorithms. This document defines terminology for such schemes. It is intended to be used as a reference and, hopefully, to ensure consistency and clarity across different protocols, standards, and organisations.

Post-Quantum Cryptography for Engineers

draft-ietf-pquip-pqc-engineers-03.txt
Date: 22/02/2024
Authors: Aritra Banerjee, Tirumaleswar Reddy.K, Dimitrios Schoinianakis, Tim Hollebeek
Working Group: Post-Quantum Use In Protocols (pquip)
The presence of a Cryptographically Relevant Quantum Computer (CRQC) would render state-of-the-art, traditional public-key algorithms deployed today obsolete, since the assumptions about the intractability of the mathematical problems for these algorithms that offer confident levels of security today no longer apply in the presence of a CRQC. This means there is a requirement to update protocols and infrastructure to use post-quantum algorithms, which are public-key algorithms designed to be secure against CRQCs as well as classical computers. These new public-key algorithms behave similarly to previous public key algorithms, however the intractable mathematical problems have been carefully chosen so they are hard for CRQCs as well as classical computers. This document explains why engineers need to be aware of and understand post-quantum cryptography. It emphasizes the potential impact of CRQCs on current cryptographic systems and the need to transition to post-quantum algorithms to ensure long-term security. The most important thing to understand is that this transition is not like previous transitions from DES to AES or from SHA-1 to SHA-2. While drop-in replacement may be possible in some cases, others will require protocol re-design to accommodate significant differences in behavior between the new post-quantum algorithms and the classical algorithms that they are replacing.



Post-Quantum Use In Protocols (pquip)

WG Name: Post-Quantum Use In Protocols
Acronym: pquip
Area: Security Area (sec)
State: Active
Charter: charter-ietf-pquip-01 (Approved)
Document dependencies
Additional resources: GitHub Organization; Grand list of WGs and protocols looking at PQC algorithms
Personnel:
  Chairs: Paul E. Hoffman, Sofia Celi
  Area Director: Paul Wouters
Mailing list:
  Address: pqc@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/pqc
  Archive: https://mailarchive.ietf.org/arch/browse/pqc/
Chat:
  Room address: https://zulip.ietf.org/#narrow/stream/pquip

Charter for Working Group

Some IETF protocols rely upon cryptographic mechanisms that are considered secure given today’s “classical computers” but would be vulnerable to attacks by a Cryptographically Relevant Quantum Computer (CRQC). These mechanisms rely upon algorithms based on integer factorization or the discrete logarithm problem. Outside of the IETF, active work is underway to develop and validate Post-Quantum Cryptography (PQC) mechanisms that are expected to be resilient to the cryptanalysis capabilities of future CRQCs (e.g., CFRG, US NIST). Select IETF WGs (e.g., LAMPS, TLS, IPSECME, COSE) have already begun standardizing revised protocol behaviors. The focus of Post-Quantum Use in Protocols (PQUIP) WG is to support this growing body of work in the IETF to facilitate the evolution of IETF protocols and document associated operational guidance with respect to PQC.

The WG will provide a standing venue to discuss PQC (operational and engineering) transition issues and experiences to date relevant to work in the IETF. The WG will also provide a venue of last resort to discuss PQC-related issues in IETF protocols that have no associated maintenance WGs. This WG will not update existing protocols, specify new protocols, define new cryptographic mechanisms, or assess whether a given cryptographic mechanism is quantum-resistant.

The WG will document operational and design guidance which supports PQC transition. The general process of elaboration through documentation will be for issues to be identified and discussed on the mailing list, and presentations made at WG meetings. When topics merit more coherent documentation, the WG will adopt documents to capture the information in Internet-Drafts. If the working group consensus is that the material of the Internet-Draft is generally useful for archival purposes, the WG will seek publication of the work items as Informational or Best Current Practices RFCs. At any point, from early discussion of topics through later documentation stages, the WG may identify a more appropriate WG for the matter, and with coordination, dispatch it there.

The output of this WG is expected to inform protocol work and guidance developed by other WGs in the IETF. Consistent with other IETF WGs, this WG will also rely on outside entities (e.g., CFRG) to define and assess new PQC mechanisms.

The IESG is establishing this working group on an experimental basis, and in 2 years, the IESG intends to review it for rechartering to continue or else closure.

Milestones

Date | Milestone | Associated documents
May 2023 | WG Adoption of an Informational document on ‘PQC for engineers’ | draft-ietf-pquip-pqc-engineers
Apr 2023 | WG Adoption of an Informational document that defines terminology for (hybrid) PQC schemes | draft-ietf-pquip-pqt-hybrid-terminology