[noise] Stateful Hash Object Proposal

Peter Schwabe peter at cryptojedi.org
Mon Nov 26 00:04:17 PST 2018


Trevor Perrin <trevp at trevp.net> wrote:

Hi again,

> It would be a great exercise to work through some PQ algorithms and
> see whether they could be adjusted to this API, are there any you'd
> recommend trying this with? (e.g. some algorithms that take different
> or unusual strategies for domain-separation?).

Totally biased view: could try Kyber, which is currently using all kinds
of different functions from the SHA-3 family, relying on their internal
domain separation. It uses hashing in the traditional (fixed-output
length) way, it uses it as a PRF, as a XOF, needs different hash
functions from the same family... pretty much any interesting case that
I can think of.

With the SHO you're imagining you wouldn't get the same output vectors,
but that's not too much of a problem. 

Any preference for what language to try this in?

Cheers,

Peter
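As an added illustration (not code from this thread, from the SHO proposal or from Kyber), a toy stateful hash object over SHAKE256 that drives the three usage patterns listed above (fixed-length hash, PRF, XOF) from one object with explicit labels; the `SHO` API, the protocol label and the seed are assumptions made for the example.

```python
import hashlib


class SHO:
    """Stateful hash object over SHAKE256 (assumed API, for illustration).

    Every absorbed chunk is length-prefixed, so absorb(b"ab").absorb(b"c")
    and absorb(b"a").absorb(b"bc") reach different states, and every squeeze
    is tagged with a label and its output length before bytes are drawn.
    """

    def __init__(self, protocol_label: bytes) -> None:
        self._state = hashlib.shake_256()
        self._absorb_raw(protocol_label)

    def _absorb_raw(self, data: bytes) -> None:
        self._state.update(len(data).to_bytes(4, "big") + data)

    def absorb(self, data: bytes) -> "SHO":
        self._absorb_raw(data)
        return self

    def squeeze(self, label: bytes, n: int) -> bytes:
        # Work on a copy so the live state only advances via the ratchet below.
        tagged = self._state.copy()
        tagged.update(len(label).to_bytes(4, "big") + label + n.to_bytes(4, "big"))
        out = tagged.digest(n)
        # Ratchet: record the squeeze so a later call with the same label differs.
        self._absorb_raw(b"squeezed:" + label)
        return out


def kyber_style_derivations(seed: bytes, nonce: int) -> dict:
    """The three ways Kyber draws on SHA-3 functions, served by one SHO."""
    sho = SHO(b"sho-demo-v0").absorb(seed)  # constructed label and seed
    return {
        # fixed-output hash (Kyber takes this from SHA3-256)
        "H": sho.squeeze(b"H", 32),
        # PRF: keyed output with a nonce (Kyber uses SHAKE256 over key || nonce)
        "PRF": sho.absorb(bytes([nonce])).squeeze(b"PRF", 64),
        # XOF: a long stream for rejection sampling (Kyber uses SHAKE128)
        "XOF": sho.squeeze(b"XOF", 504),
    }


if __name__ == "__main__":
    for name, value in kyber_style_derivations(b"\x00" * 32, 0).items():
        print(name, len(value), value[:8].hex())
```

The ratchet and the length-prefixed encoding are what make the single object safe to reuse across roles; without them, two different absorb sequences or two squeezes with the same label could collide.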

