[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] R-LWE KEX error reconciliation improvements (was: Further New Hope Improvements)



bancfc@xxxxxxxxxxxxxxx transcribed 0.6K bytes:
> New paper released a week ago makes further improvements on New Hope,
> reducing decryption failure rates, ciphertext size and amount of entropy
> needed. This new version will be submitted as a NIST PQ competition
> candidate.
> 
> https://eprint.iacr.org/2017/424

Hi!

Thanks for sharing this!

Point of clarification: rather than a new version of NewHope, it's a more
efficient reconciliation method for R-LWE based KEX (and encryption schemes
too, since the newer reconciliation makes the error rate low enough).  The
only connection to NewHope is that it uses the same parameter choices for
the underlying polynomial ring.

But!  This is exciting, not only because it has smaller message sizes and
specifications for constant-time implementations (and decent reference
code!), but because it appears to me¹ that this new method is not subject to
the same patent claims as NewHope theoretically is.

¹ I am not a lawyer.  (Fortunately.)

Best,
-- 
 ♥Ⓐ isis agora lovecruft
_________________________________________________________
OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
Current Keys: https://fyb.patternsinthevoid.net/isis.txt

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev