[PATCH] Add NTRUEncrypt public key encryption algorithm
Jeff Burdges
burdges at gnunet.org
Mon Sep 21 11:41:40 CEST 2015
SPHINCS is ideal for signing software packages for distribution, but
today protocols should usually provide deniability, making signatures
unworkable. I haven't looked at XMSS yet, but sounds quite similar to
SPHINCS.
There is a way to gain PQ security from classical primitives for
encryption though: use Axolotl with very long-running sessions
everywhere. And ideally introduce side key material so that breaking
one ratchet requires breaking many. I'm interested in writing a paper
on exactly this, but it requires building a mixnet, so it requires
doing a lot of different things right.
On Mon, 2015-09-21 at 09:22 +0200, Simon Josefsson wrote:
> Christian Grothoff <grothoff at gnunet.org> writes:
>
> > So we're actually strongly considering NTRU (and other PQ-schemes,
> > but NTRU so far seems very good on the potential security
> > improvement vs. performance loss/complexity front) as an
> > additional (likely for a while optional) handshake within
> > GNUnet (which so far uses primarily libgcrypt for
> > crypto-primitives) for the future. No code yet, but plenty of
> > thinking.
>
> You want to look at XMSS, SPHINCS and some of the other modern
> PQ-schemes:
>
> https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-01
> http://sphincs.cr.yp.to/
>
> /Simon
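As an added illustration of the long-running-ratchet-plus-side-keys idea discussed above (example code, not code from the post, GNUnet or libgcrypt): a toy symmetric ratchet in which every chain step mixes in the fresh DH output together with independent side key material, so that recovering the DH secrets alone does not yield message keys. The HMAC-based KDF shape and the sample keys are assumptions, not Axolotl's actual construction.

```python
import hmac
import hashlib
from typing import List

def kdf(key: bytes, label: bytes, *inputs: bytes) -> bytes:
    """HMAC-SHA256 step: bind every input (length-prefixed) into the key under a label."""
    mac = hmac.new(key, label, hashlib.sha256)
    for item in inputs:
        mac.update(len(item).to_bytes(2, "big") + item)
    return mac.digest()

class SideKeyRatchet:
    """Toy symmetric ratchet (assumed construction, not Axolotl's exact KDF).

    Each step consumes the fresh DH output and all side keys, so a message
    key depends on the initial chain state, every past DH output and every
    side key at once: breaking one of those sources is not enough.
    """
    def __init__(self, root_key: bytes, side_keys: List[bytes]):
        self.chain = root_key
        self.side = list(side_keys)
        self.step = 0

    def next_message_key(self, dh_output: bytes) -> bytes:
        self.chain = kdf(self.chain, b"chain", dh_output, *self.side)
        self.step += 1
        # Derive the message key from the chain without exposing the chain itself.
        return kdf(self.chain, b"msg", self.step.to_bytes(4, "big"))

def run_session(root: bytes, side: List[bytes], dh_outputs: List[bytes]) -> bytes:
    """Return the message key after ratcheting through all DH outputs in order."""
    ratchet = SideKeyRatchet(root, side)
    key = b""
    for dh in dh_outputs:
        key = ratchet.next_message_key(dh)
    return key

# Constructed sample values (deterministic so the example is reproducible).
ROOT = hashlib.sha256(b"constructed initial root key").digest()
SIDE = [hashlib.sha256(b"constructed side key %d" % i).digest() for i in range(3)]
DH = [hashlib.sha256(b"constructed dh output %d" % i).digest() for i in range(5)]

if __name__ == "__main__":
    alice = run_session(ROOT, SIDE, DH)
    bob = run_session(ROOT, SIDE, DH)
    # A party holding every DH output but missing one side key derives a different key.
    partial = run_session(ROOT, SIDE[:2], DH)
    print("peers agree:", alice == bob, "| partial knowledge agrees:", partial == alice)
```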