HackerTrans
トップ新着トレンドコメント過去質問紹介求人

thomasdeleeuw

52 カルマ登録 5 年前

コメント

thomasdeleeuw
·5 日前·議論
France and Germany propose hybrid schemes as well: The german position:

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publicat...

"The quantum-safe mechanisms recommended in this Technical Guideline are generally not yet trusted to the same extent as the established classical mechanisms, since they have not been as well studied with regard to side-channel resistance and implementation security. To ensure the long-term security of a key agreement, this Technical Guideline therefore recommends the use of a hybrid key agreement mechanism that combines a quantum-safe and a classical mechanism."

The french position, also quoting the German position:

https://cyber.gouv.fr/sites/default/files/document/follow_up...

"As outlined in the previous position paper [1], ANSSI still strongly emphasizes the necessity of hybrid wherever post-quantum mitigation is needed both in the short and medium term. Indeed, even if the post-quantum algorithms have gained a lot of attention, they are still not mature enough to solely ensure the security"
thomasdeleeuw
·7 か月前·議論
Farming, with its many related jobs, but also making sails, brewing beer, assisting in house work, distributing coal, blacksmithing, pottery, woodworking, the list goes on. Smaller communities, with the majority of the population, in the early 1900s really were a lot of small (family) businesses.
thomasdeleeuw
·8 か月前·議論
France and Germany propose hybrid schemes as well:

The german position:

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publicat...

"The quantum-safe mechanisms recommended in this Technical Guideline are generally not yet trusted to the same extent as the established classical mechanisms, since they have not been as well studied with regard to side-channel resistance and implementation security. To ensure the long-term security of a key agreement, this Technical Guideline therefore recommends the use of a hybrid key agreement mechanism that combines a quantum-safe and a classical mechanism."

The french position, also quoting the German position:

https://cyber.gouv.fr/sites/default/files/document/follow_up...

"As outlined in the previous position paper [1], ANSSI still strongly emphasizes the necessity of hybridation1 wherever post-quantum mitigation is needed both in the short and medium term. Indeed, even if the post-quantum algorithms have gained a lot of attention, they are still not mature enough to solely ensure the security"
thomasdeleeuw
·9 か月前·議論
The Dutch electronic identification app, DigiD, uses the Android-native attestation API.

Also good to make a distinction between the different things you can do in an attestation procedure: bootloader/boot integrity checks, attest a specific key, and ID (imei etc) attestation.
thomasdeleeuw
·9 か月前·議論
Definitely US pressure. NL is always eager to get on the good side of the US, even if they get nothing in return. For example participation in the war in Iraq and Afghanistan and Gaza today.
thomasdeleeuw
·9 か月前·議論
Related: https://news.ycombinator.com/item?id=45564203
thomasdeleeuw
·9 か月前·議論
If anyone is curious about DSI's and ANSSI's positions referred to in this comment:

The german position:

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publicat...

"The quantum-safe mechanisms recommended in this Technical Guideline are generally not yet trusted to the same extent as the established classical mechanisms, since they have not been as well studied with regard to side-channel resistance and implementation security. To ensure the long-term security of a key agreement, this Technical Guideline therefore recommends the use of a hybrid key agreement mechanism that combines a quantum-safe and a classical mechanism."

The french position, also quoting the German position:

https://cyber.gouv.fr/sites/default/files/document/follow_up...

"As outlined in the previous position paper [1], ANSSI still strongly emphasizes the necessity of hybridation1 wherever post-quantum mitigation is needed both in the short and medium term. Indeed, even if the post-quantum algorithms have gained a lot of attention, they are still not mature enough to solely ensure the security"
thomasdeleeuw
·9 か月前·議論
I remember something like that happening. Someone optimzed something and boom, one billion of valuation gone. It seems ridiculous on the surface, and definitely smells of a bubble to me.