[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Quantum-safe Hybrid handshake for Tor

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Quantum-safe Hybrid handshake for Tor
From: Tim Wilson-Brown - teor <teor2345@xxxxxxxxx>
Date: Sun, 3 Jan 2016 14:24:24 +1100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 02 Jan 2016 22:24:40 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:message-id :references:to; bh=Whgknc8Z2e6065UcFQIS3atxFod/baWnv5W8pgplFHE=; b=UYdk8+mRLdgjgSEeVOLDk+fKYP3IpYWZYR4mCD/45tX4gBkBYW++GoonVoCtIyDCbF 7xl1Iea3WwBGqeX4lYwjqJb5lQjAPvHpfv+1KvXv6MS6bneAbPelDwm2TV+mgNDQWT5I mfoD2ewbEe6Nl2RT8izsXEZ5AnYg2pv3aupEkh2hXfGxTmGO0QRo5m72oBtxZlb4kyto M+FGVCAnE3uoLX/sy7xBZweB/zklMYm8XtBlLwv2zKDHAaJu9KP9nLPzBk0C+QpKXwJM dYDGFDqdrS2OLkY3G+x5BkyPe1MuHhcPy0zqxFqAEnPjAXXBODnNh9r4i7Rrl02q3X6C hTLQ==
In-reply-to: <56889182.5070504@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <mailman.13.1451736002.4966.tor-dev@xxxxxxxxxxxxxxxxxxxx> <2A62732B-0817-46E5-85FE-37167D63DBE3@xxxxxxxxxx> <56886742.5000002@xxxxxxxxxx> <10E3C7F3-FF7C-46A3-B9AB-3412DDDCF8A1@xxxxxxxxx> <56889182.5070504@xxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

On 3 Jan 2016, at 14:12, Jesse V <kernelcorn@xxxxxxxxxx> wrote:

On 01/02/2016 05:42 PM, Tim Wilson-Brown - teor wrote:
And if we can't use the reference implementation, we have some decent
programmers…
(On the other hand, if there's no reference implementation, then that
makes it hard to recommend that particular crypto scheme.)

That sounds pretty close to a "roll your own crypto" idea, which as I'm
sure you know is almost always a poor idea. Classical algorithms like
RSA and Diffie-Hellman are ~40 years old but they have many
side-channels and are still hard to implement correctly. There are so
many subtleties with ECDHE and ECDSA, with the notable exception of the
safer *25519 cryptosystems from djb. Post-quantum cryptography is over
my head, but considering the pattern and the newness of the field I
wouldn't trust any implementation unless it was written or at least
vetted by the authors of the respective post-quantum crypto system.

Point taken. It was a bit of a throwaway line, rather than a serious suggestion.

tor currently uses external crypto implementations rather than writing our own.

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- Re: [tor-dev] tor-dev Digest, Vol 60, Issue 2
  - From: Flipchan
- Re: [tor-dev] Quantum-safe Hybrid handshake for Tor
  - From: Jesse V
- Re: [tor-dev] Quantum-safe Hybrid handshake for Tor
  - From: Tim Wilson-Brown - teor
- Re: [tor-dev] Quantum-safe Hybrid handshake for Tor
  - From: Jesse V

Prev by Author: Re: [tor-dev] Quantum-safe Hybrid handshake for Tor
Next by Author: Re: [tor-dev] Go version in Gitian descriptors
Previous by thread: Re: [tor-dev] Quantum-safe Hybrid handshake for Tor
Next by thread: Re: [tor-dev] Quantum-safe Hybrid handshake for Tor
Index(es):
- Author
- Thread