HackerTrans
TopNewTrendsCommentsPastAskShowJobs

thomasdeleeuw

52 karmajoined il y a 5 ans

comments

thomasdeleeuw
·il y a 5 jours·discuss
France and Germany propose hybrid schemes as well: The german position:

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publicat...

"The quantum-safe mechanisms recommended in this Technical Guideline are generally not yet trusted to the same extent as the established classical mechanisms, since they have not been as well studied with regard to side-channel resistance and implementation security. To ensure the long-term security of a key agreement, this Technical Guideline therefore recommends the use of a hybrid key agreement mechanism that combines a quantum-safe and a classical mechanism."

The french position, also quoting the German position:

https://cyber.gouv.fr/sites/default/files/document/follow_up...

"As outlined in the previous position paper [1], ANSSI still strongly emphasizes the necessity of hybrid wherever post-quantum mitigation is needed both in the short and medium term. Indeed, even if the post-quantum algorithms have gained a lot of attention, they are still not mature enough to solely ensure the security"
thomasdeleeuw
·il y a 7 mois·discuss
Farming, with its many related jobs, but also making sails, brewing beer, assisting in house work, distributing coal, blacksmithing, pottery, woodworking, the list goes on. Smaller communities, with the majority of the population, in the early 1900s really were a lot of small (family) businesses.
thomasdeleeuw
·il y a 8 mois·discuss
France and Germany propose hybrid schemes as well:

The german position:

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publicat...

"The quantum-safe mechanisms recommended in this Technical Guideline are generally not yet trusted to the same extent as the established classical mechanisms, since they have not been as well studied with regard to side-channel resistance and implementation security. To ensure the long-term security of a key agreement, this Technical Guideline therefore recommends the use of a hybrid key agreement mechanism that combines a quantum-safe and a classical mechanism."

The french position, also quoting the German position:

https://cyber.gouv.fr/sites/default/files/document/follow_up...

"As outlined in the previous position paper [1], ANSSI still strongly emphasizes the necessity of hybridation1 wherever post-quantum mitigation is needed both in the short and medium term. Indeed, even if the post-quantum algorithms have gained a lot of attention, they are still not mature enough to solely ensure the security"
thomasdeleeuw
·il y a 9 mois·discuss
The Dutch electronic identification app, DigiD, uses the Android-native attestation API.

Also good to make a distinction between the different things you can do in an attestation procedure: bootloader/boot integrity checks, attest a specific key, and ID (imei etc) attestation.
thomasdeleeuw
·il y a 9 mois·discuss
Definitely US pressure. NL is always eager to get on the good side of the US, even if they get nothing in return. For example participation in the war in Iraq and Afghanistan and Gaza today.
thomasdeleeuw
·il y a 9 mois·discuss
Related: https://news.ycombinator.com/item?id=45564203
thomasdeleeuw
·il y a 9 mois·discuss
If anyone is curious about DSI's and ANSSI's positions referred to in this comment:

The german position:

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publicat...

"The quantum-safe mechanisms recommended in this Technical Guideline are generally not yet trusted to the same extent as the established classical mechanisms, since they have not been as well studied with regard to side-channel resistance and implementation security. To ensure the long-term security of a key agreement, this Technical Guideline therefore recommends the use of a hybrid key agreement mechanism that combines a quantum-safe and a classical mechanism."

The french position, also quoting the German position:

https://cyber.gouv.fr/sites/default/files/document/follow_up...

"As outlined in the previous position paper [1], ANSSI still strongly emphasizes the necessity of hybridation1 wherever post-quantum mitigation is needed both in the short and medium term. Indeed, even if the post-quantum algorithms have gained a lot of attention, they are still not mature enough to solely ensure the security"
thomasdeleeuw
·il y a 9 mois·discuss
I remember something like that happening. Someone optimzed something and boom, one billion of valuation gone. It seems ridiculous on the surface, and definitely smells of a bubble to me.