[tor-dev] [proposal] Post-Quantum Secure Hybrid Handshake Based on NewHope
durumcrustulum at gmail.com
Thu May 19 17:21:47 UTC 2016
Not sure if this has been noted before on this thread, but the BoringSSL
team is working on something very similar:
On Thu, May 19, 2016 at 1:01 PM Yawning Angel <yawning at schwanenlied.me>
> On Tue, 17 May 2016 17:49:46 +0000 (UTC)
> lukep <lukep at tutanota.com> wrote:
> > > [snip]
> > > > In other words, I'd expect our future trust in Ring-LWE and SIDH
> > > > to evolve in different ways. And counting papers will not be
> > > > informative.
> > >
> > > Yeah probably. I can envision having no choice but to use SIDH
> > > sometime in the future (or vice versa). It's an evolving field,
> > > and my current mindset is "pick one or two that probably won't kill
> > > the network (CPU/network/whatever)", integrate it in a way that is
> > > easy to switch at a later point, and deploy it.
> > The important thing now is surely to get the protocol right so that
> > we can slot algorithms in or out (then pick one or two that we
> > actually want to integrate)
> The relevant proposals here would be:
> With emphasis on the 264, since that's probably how link handshake
> crypto support will be signified.
> Yawning Angel
> tor-dev mailing list
> tor-dev at lists.torproject.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tor-dev