[noise] Post-Quantum Noise with New Hope

Rhys Weatherley rhys.weatherley at gmail.com
Fri Jul 15 02:01:20 PDT 2016


Almost forgot ...

An implementation note for New Hope: part of Alice's public key is 32
bytes of random seed material which is used to generate the shared "a"
parameter (other DH algorithms would call this a "group parameter").

The reference implementation of New Hope calls the system RNG and puts
these 32 bytes directly on the wire with no further transformation.  EEK!
Needless to say, I replaced the reference randombytes() function when
integrating the code. :-)

Cheers,

Rhys.
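
The concern in the message above, as an added example that is not part of the original post and is neither Rhys's code nor the reference implementation's: a test helper records what the RNG returned and checks whether any of it appears verbatim in the outgoing message, for a raw-seed builder and for one that hashes the seed first. The SHAKE-256 derivation, the label, the placeholder message layout and all function names are assumptions.

```python
import hashlib
import os

SEED_BYTES = 32  # length of the public seed described in the post
LABEL = b"example/newhope-public-seed"  # hypothetical domain-separation label

def derive_public_seed(raw: bytes) -> bytes:
    """One-way transform applied to RNG output before it goes on the wire."""
    if len(raw) != SEED_BYTES:
        raise ValueError("expected %d bytes of RNG output" % SEED_BYTES)
    return hashlib.shake_256(LABEL + raw).digest(SEED_BYTES)

class RecordingRNG:
    """Wraps an RNG callable and remembers every block it handed out."""
    def __init__(self, source=os.urandom):
        self._source = source
        self.outputs = []

    def __call__(self, n: int) -> bytes:
        block = self._source(n)
        self.outputs.append(block)
        return block

def leaked_rng_blocks(wire: bytes, outputs, window: int = 16):
    """Return recorded RNG blocks of which any `window`-byte run appears in `wire`."""
    return [
        block for block in outputs
        if any(block[i:i + window] in wire
               for i in range(len(block) - window + 1))
    ]

# Constructed stand-in for the polynomial part of Alice's message (not real New Hope data).
PLACEHOLDER_POLY = b"\x00" * 64

def message_raw_seed(rng) -> bytes:
    """Behaviour the post describes: the RNG bytes are sent unchanged."""
    return PLACEHOLDER_POLY + rng(SEED_BYTES)

def message_derived_seed(rng) -> bytes:
    """Hardened variant: only a hash of the RNG bytes is sent."""
    return PLACEHOLDER_POLY + derive_public_seed(rng(SEED_BYTES))

if __name__ == "__main__":
    for build in (message_raw_seed, message_derived_seed):
        rng = RecordingRNG()
        wire = build(rng)
        print(build.__name__, "leaks raw RNG output:",
              bool(leaked_rng_blocks(wire, rng.outputs)))
```

The same recording wrapper can be placed around a replacement randombytes() in an integration test so that every serialized handshake message is checked for verbatim RNG output.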