Ask HN: TLS 1.3 and Post-Quantum Encryption for HN?

15 pointsAzerty99991y ago12 comments

Could HN benefit from a TLS upgrade, as it's currently at TLS v1.2, (not e.g.: v1.3) (for me, at least)? Also could it benefit from being a leader in implementing post-quantum cryptography?

Cloudflare is beginning to implement it: https://pq.cloudflareresearch.com (See cloudflare blog posts about it, too for many more details)..

12 comments

theandrewbailey1y ago

HN doesn't handle super-secure data, outside of email addresses and passwords (which should not be re-used elsewhere). I'm skeptical that HN would benefit much from using post-quantum crypto, over using current recommendations like https://ssl-config.mozilla.org/#server=nginx&version=1.27.3&...

That said, HN could use an update in configuration (disable TLS 1.0 and 1.1 and CBC ciphers, enable TLS 1.3): https://www.ssllabs.com/ssltest/analyze.html?d=news.ycombina...

I get it, new crypto algorithms are cool, but these just aren't widely implemented in browsers or servers yet, and we're still several years out from a quantum computer breaking 2048 bit RSA or 256 bit ECDSA.

Azerty9999OP1y ago

I just asked the question because I wonder if getting more responsive/agile to security protocol updates should become more of a norm. Why not start as an example of that here if it doesn't take much cost/time/effort? For whatever reason it doesn't seem like just security theater. NIST, Google, Apple, and others seem to be taking this admittedly unknown threat seriously. It's good to balance skepticism with curiosity here I think (the podcast episode below agrees). The certainty of this happening anytime soon is publicly unknown of course, but if in the rare chance it happens, even within a decade or two, the consequences could be serious. Apparently it was Richard Feynman, perhaps amongst others who raised the question regarding quantum computers according to this interesting Google podcast. During the podcast a host reportedly with an apparent PhD in Quantum Mechanics started to take it more seriously.. Thank you for your thoughtful response! https://cloud.withgoogle.com/cloudsecurity/podcast/ep164-qua...

ggm1y ago

In my personal QC skeptic opinion, frequent recertification of the site certificate would do for now. We don't need perfect forward secrecy and so future pqc outcomes about decoding packet captures made now seem fruitless for this context. (We don't need pfs because afaik everything here is visible, and individual user logins aren't based on public private cryptography. If the tls cert was rolled every day I wouldn't care)

Maybe the cert issuing chain needs to be looked at for its risks but I can't see the site certificate itself being at risk.

I mean I am glad cloudflare and others are showing capability but my highly broken foot gun of futurology says to me, this is a fools errand. I've been wrong many many times.

theandrewbailey1y ago

> Maybe the cert issuing chain needs to be looked at for its risks

HN is using Let's Encrypt, and so are about a third to half the sites on the internet at this point. If there's an issue with Let's Encrypt, the people on/running this site would know.

ggm1y ago

The people who will act are the let's encrypt people, in how they select algorithms for the CA chain. I wouldn't expect this site to have to do very much but I would expect to see some public communications from letsencrypt. Which, I am not seeing. Hence some evidence to back my pqc scepticism.

https://community.letsencrypt.org/t/preparing-for-quantum-sa...

Like I said, more frequent certificate reissuance probably covers it. It would be changing a timing parameter in the config and resetting some options in an orderly upgrade not a massive lift and drag to another place.

1 more reply

userbinator1y ago

Perhaps you're a bit too paranoid?

Azerty9999OP1y ago

lol. Maybe so! :).. but is NIST? Is Cloudflare? Is Google/Apple?

Worth a read: https://blog.cloudflare.com/nists-first-post-quantum-standar...

Google: https://cloud.google.com/security/resources/post-quantum-cry...

Various interesting Cloudflare blog posts here: https://blog.cloudflare.com/tag/post-quantum/

thayne1y ago

Practical QC is like nuclear fusion. People have been saying we're only a couple decades away for decades. And yes, we have made a lot of progress, but no one really knows for sure how far off we are. There might be a huge breakthrough within a couple years, or progress might stall for decades.

I think that it is absolutely worth researching post quantum cryptography, and if you are a high value target, maybe even using it. But it probably isn't necessary to use it everywhere yet.

1 more reply

j / k navigate · click thread line to collapse

12 comments

theandrewbailey1y ago

That said, HN could use an update in configuration (disable TLS 1.0 and 1.1 and CBC ciphers, enable TLS 1.3): https://www.ssllabs.com/ssltest/analyze.html?d=news.ycombina...

Azerty9999OP1y ago

ggm1y ago

Maybe the cert issuing chain needs to be looked at for its risks but I can't see the site certificate itself being at risk.

I mean I am glad cloudflare and others are showing capability but my highly broken foot gun of futurology says to me, this is a fools errand. I've been wrong many many times.

theandrewbailey1y ago

> Maybe the cert issuing chain needs to be looked at for its risks

HN is using Let's Encrypt, and so are about a third to half the sites on the internet at this point. If there's an issue with Let's Encrypt, the people on/running this site would know.

ggm1y ago

https://community.letsencrypt.org/t/preparing-for-quantum-sa...

1 more reply

userbinator1y ago

Perhaps you're a bit too paranoid?

Azerty9999OP1y ago

lol. Maybe so! :).. but is NIST? Is Cloudflare? Is Google/Apple?

Worth a read: https://blog.cloudflare.com/nists-first-post-quantum-standar...

Google: https://cloud.google.com/security/resources/post-quantum-cry...

Various interesting Cloudflare blog posts here: https://blog.cloudflare.com/tag/post-quantum/

thayne1y ago

I think that it is absolutely worth researching post quantum cryptography, and if you are a high value target, maybe even using it. But it probably isn't necessary to use it everywhere yet.

1 more reply

j / k navigate · click thread line to collapse