[tor-dev] [proposal] RebelAlliance: A Post-Quantum Secure Hybrid Handshake Based on NewHope
isis agora lovecruft
isis at torproject.org
Sun May 22 13:44:45 UTC 2016
isis transcribed 35K bytes:
> Peter (in CC) and I have recently composed a draft proposal for a new Tor
> handshake. It's a hybrid handshake combining Tor's current X25519-based NTor
> handshake with the NewHope lattice-based key exchange, in order to protect the
> secrecy of Tor connections today from an attacker with a quantum computer in
> the future.
> I have not given the proposal a number. It is available in my
> `drafts/newhope` branch of my torspec repository:
Boring SSL now includes a similar hybrid handshake under the name CECPQ1, 
which is a really horribly crappy name. No offense to the Boring developers,
but we're not that boring.
We're calling our handshake RebelAlliance, since it's an alliance between
X25519 and NewHope. The proposal has been updated to reflect this.
♥Ⓐ isis agora lovecruft
Current Keys: https://fyb.patternsinthevoid.net/isis.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1240 bytes
Desc: Digital signature
More information about the tor-dev