[messaging] Post-quantum forward-secrecy

Adam Langley agl at imperialviolet.org
Wed Aug 5 08:21:09 PDT 2015


On Wed, Aug 5, 2015 at 7:35 AM, Jeff Burdges <burdges at gnunet.org> wrote:
> As I understand it, there are no mature post-quantum Diffie-Hellman
> alternatives

Is that true? Can't one easily build it from lattices? I know lots of
people are working on adding bits of structure to lattices to try and
shrink and speed them up but, if you're willing to suffer large (10s
of KBs) public values, then completely random lattices are reasonably
mature, I think.

(PLEASE CONSULT WITH YOUR DJB, OR OTHER QUALIFIED CRYPTOGRAPHIC
PROFESSIONAL BEFORE USING ANY PRIMITIVE DISCUSSED WITHIN THIS EMAIL.)


Cheers

AGL

-- 
Adam Langley agl at imperialviolet.org https://www.imperialviolet.org

