[tor-dev] [proposal] Post-Quantum Secure Hybrid Handshake Based on NewHope
Deirdre Connolly
durumcrustulum at gmail.com
Thu May 19 17:21:47 UTC 2016
Not sure if this has been noted before on this thread, but the BoringSSL
team is working on something very similar:
https://boringssl-review.googlesource.com/#/c/7962/
On Thu, May 19, 2016 at 1:01 PM Yawning Angel <yawning at schwanenlied.me>
wrote:
> On Tue, 17 May 2016 17:49:46 +0000 (UTC)
> lukep <lukep at tutanota.com> wrote:
> > > [snip]
> > > > In other words, I'd expect our future trust in Ring-LWE and SIDH
> > > > to evolve in different ways. And counting papers will not be
> > > > informative.
> > >
> > > Yeah probably. I can envision having no choice but to use SIDH
> > > sometime in the future (or vice versa). It's an evolving field,
> > > and my current mindset is "pick one or two that probably won't kill
> > > the network (CPU/network/whatever)", integrate it in a way that is
> > > easy to switch at a later point, and deploy it.
> >
> > The important thing now is surely to get the protocol right so that
> > we can slot algorithms in or out (then pick one or two that we
> > actually want to integrate)
>
> The relevant proposals here would be:
>
>
> https://gitweb.torproject.org/torspec.git/tree/proposals/264-subprotocol-versions.txt
>
> https://gitweb.torproject.org/torspec.git/tree/proposals/249-large-create-cells.txt
>
> With emphasis on the 264, since that's probably how link handshake
> crypto support will be signified.
>
> Regards,
>
> --
> Yawning Angel
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160519/107ad038/attachment.html>
More information about the tor-dev
mailing list