[tor-dev] Quantum-safe Hybrid handshake for Tor
Nick Mathewson
nickm at alum.mit.edu
Thu Dec 31 21:41:20 UTC 2015
On Thu, Dec 31, 2015 at 3:51 PM, isis <isis at torproject.org> wrote:
> Zhenfei Zhang transcribed 22K bytes:
[...]
>> In addition, this is a modular design that allows us to use any quantum-safe
>> cryptographic primitives. As a proof of concept, we instantiated the
>> protocol with NTRUEncrypt lattice-based crypto. We implemented the the
>> protocol with NTRU parameters that gives 128 bits security. The code is
>> available at https://github.com/NTRUOpenSourceProject/ntru-tor
>
> Thanks! This is great! Having an implementation to go along with the
> proposal makes it easier to evaluate. I've already actually looked at your
> code a couple months ago, but I'll take a second look after the new year and
> see what (if anything) changed.
>
> However, if we were to go the route of using NTRU, we'd likely want to instead
> use Dan Bernstein's NTRU Prime parameters, in order to eliminate some of the
> inherent algebraic structure of the ideal lattice which might possibly be
> exploited. [0] [1]
I'd also like us to consider the Ring-LWE proposals that Yawning has
been working on, but I think that this proposal forms a good basis for
future work in all those directions.
(Generally, I'm a bit afraid of being the first adopter of much of
anything, or the biggest user of any protocol, but I think we're soon
reaching the point where we'll have to.)
> Also, what is the current state of patents on NTRU? My understanding is that
> NTRU is dual-licenced as GPLv2+ and commercial, [2] however, Tor is currently
> BSD licenced. Would it be necessary to relicense Tor as GPLv2+? Will the GPL
> exceptions continue to be applied to further patents on optimisations and
> improvements/protections for NTRU?
Have a look at https://github.com/NTRUOpenSourceProject/ntru-crypto/blob/master/FOSS%20Exception.md
. If I'm reading that right (and Wendy has seen it too), we have
their permission to use their GPL code along with BSD-licensed Tor.
peace, and a happy new year to all,
--
Nick
More information about the tor-dev
mailing list