bancfc@xxxxxxxxxxxxxxx transcribed 0.6K bytes: > New paper released a week ago makes further improvements on New Hope, > reducing decryption failure rates, ciphertext size and amount of entropy > needed. This new version will be submitted as a NIST PQ competition > candidate. > > https://eprint.iacr.org/2017/424 Hi! Thanks for sharing this! Point of clarification: rather than a new version of NewHope, it's a more efficient reconciliation method for R-LWE based KEX (and encryption schemes too, since the newer reconciliation makes the error rate low enough). The only connection to NewHope is that it uses the same parameter choices for the underlying polynomial ring. But! This is exciting, not only because it has smaller message sizes and specifications for constant-time implementations (and decent reference code!), but because it appears to me¹ that this new method is not subject to the same patent claims as NewHope theoretically is. ¹ I am not a lawyer. (Fortunately.) Best, -- ♥Ⓐ isis agora lovecruft _________________________________________________________ OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35 Current Keys: https://fyb.patternsinthevoid.net/isis.txt
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev