[tor-dev] tor-dev Digest, Vol 60, Issue 2
Flipchan
flipchan at riseup.net
Sat Jan 2 22:49:40 UTC 2016
How would u add quantum-safe
crypto? I havent seen anyone puttin a pub lib that anyone can import
tor-dev-request at lists.torproject.org skrev: (2 januari 2016 13:00:02 CET)
>Send tor-dev mailing list submissions to
> tor-dev at lists.torproject.org
>
>To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>or, via email, send a message with subject or body 'help' to
> tor-dev-request at lists.torproject.org
>
>You can reach the person managing the list at
> tor-dev-owner at lists.torproject.org
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of tor-dev digest..."
>
>
>Today's Topics:
>
> 1. Re: Quantum-safe Hybrid handshake for Tor (Ryan Carboni)
> 2. Re: Quantum-safe Hybrid handshake for Tor (Yawning Angel)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Fri, 1 Jan 2016 19:33:31 -0800
>From: Ryan Carboni <ryacko at gmail.com>
>To: tor-dev at lists.torproject.org
>Subject: Re: [tor-dev] Quantum-safe Hybrid handshake for Tor
>Message-ID:
> <CAO7N=i2MspE1N5eOczCyT9RCPORgUJboSOY3vUMGKL5FSzAPnw at mail.gmail.com>
>Content-Type: text/plain; charset="utf-8"
>
>The first step should be replacing the long-term keys with quantum-safe
>crypto.
>-------------- next part --------------
>An HTML attachment was scrubbed...
>URL:
><http://lists.torproject.org/pipermail/tor-dev/attachments/20160101/14b4bd21/attachment-0001.html>
>
>------------------------------
>
>Message: 2
>Date: Sat, 2 Jan 2016 04:19:28 +0000
>From: Yawning Angel <yawning at schwanenlied.me>
>To: tor-dev at lists.torproject.org
>Subject: Re: [tor-dev] Quantum-safe Hybrid handshake for Tor
>Message-ID: <20160102041928.15e0cbc3 at schwanenlied.me>
>Content-Type: text/plain; charset="us-ascii"
>
>On Fri, 1 Jan 2016 19:33:31 -0800
>Ryan Carboni <ryacko at gmail.com> wrote:
>
>> The first step should be replacing the long-term keys with
>> quantum-safe crypto.
>
>Wrong.
>
>There are NO usable PQ signature primitives that are suitable for
>deployment. Adding 1408+ bytes to every single microdescriptor is
>not a realistic proposition. Signing is also quite expensive unless
>you
>have AVX2, and will decimate circuit build performance.
>
>Protecting against Quantum Computer equipped active Man-In-The-Middle
>attacks is the least important thing to do in terms of user safety.
>
>By modifying the link handshake to incorporate a PQ key exchange
>algorithm with ephemeral keys as in the proposal, user data being
>generated right now will be protected from bulk decryption later, in
>the event of a Curve25519 break (probably by a large enough Quantum
>Computer), which is a far more realistic threat to be concerned about.
>
>--
>Yawning Angel
>-------------- next part --------------
>A non-text attachment was scrubbed...
>Name: not available
>Type: application/pgp-signature
>Size: 819 bytes
>Desc: OpenPGP digital signature
>URL:
><http://lists.torproject.org/pipermail/tor-dev/attachments/20160102/dff24542/attachment-0001.sig>
>
>------------------------------
>
>Subject: Digest Footer
>
>_______________________________________________
>tor-dev mailing list
>tor-dev at lists.torproject.org
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
>
>------------------------------
>
>End of tor-dev Digest, Vol 60, Issue 2
>**************************************
--
Sincerly Flipchan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160102/73b02158/attachment.html>
More information about the tor-dev
mailing list