isis transcribed 35K bytes: > Hello, > > Peter (in CC) and I have recently composed a draft proposal for a new Tor > handshake. It's a hybrid handshake combining Tor's current X25519-based NTor > handshake with the NewHope lattice-based key exchange, in order to protect the > secrecy of Tor connections today from an attacker with a quantum computer in > the future. > > I have not given the proposal a number. It is available in my > `drafts/newhope` branch of my torspec repository: > > https://gitweb.torproject.org/user/isis/torspec.git/tree/proposals/XXX-newhope-hybrid-handshake.txt?h=draft/newhope Boring SSL now includes a similar hybrid handshake under the name CECPQ1, [0] which is a really horribly crappy name. No offense to the Boring developers, but we're not that boring. We're calling our handshake RebelAlliance, since it's an alliance between X25519 and NewHope. The proposal has been updated to reflect this. [0]: https://boringssl-review.googlesource.com/#/c/7962/ Best, -- ââ isis agora lovecruft _________________________________________________________ OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35 Current Keys: https://fyb.patternsinthevoid.net/isis.txt
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev