[tor-dev] Quantum-safe Hybrid handshake for Tor

William Whyte wwhyte at securityinnovation.com
Fri Apr 22 11:20:37 UTC 2016

> I'd imagine everyone in this thread knows this, but New Hope requires
> that "both parties use fresh secrets for each instantiation".

NTRUEncrypt, which has also been proposed for this, can be used with
ephemeral or long-lived keys safely.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160422/c101711c/attachment.html>

More information about the tor-dev mailing list