[noise] Stateful Hash Object Proposal
Peter Schwabe
peter at cryptojedi.org
Mon Nov 26 00:04:17 PST 2018
Trevor Perrin <trevp at trevp.net> wrote:
Hi again,
> It would be a great exercise to work through some PQ algorithms and
> see whether they could be adjusted to this API, are there any you'd
> recommend trying this with? (e.g. some algorithms that take different
> or unusual strategies for domain-separation?).
Totally biased view: could try Kyber, which is currently using all kinds
of different functions from the SHA-3 family, relying on their internal
domain separation. It uses hashing in the traditional (fixed-output
length) way, it uses it as a PRF, as an XOF, needs different hash
functions from the same family... pretty much any interesting case that
I can think of.
With the SHO you're imagining you wouldn't get the same output vectors,
but that's not too much of a problem.
Any preference for what language to try this in?
Cheers,
Peter
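The three usage patterns Peter lists (fixed-output hash, keyed PRF, XOF) and the domain separation between them, as an added toy stateful hash object over SHAKE256. This is example code, not the API from Trevor's proposal or Kyber's code; the length-prefixed absorb, the label-at-construction domain separation and the "squeeze finalizes" rule are assumed design choices.

```python
import hashlib


class SHO:
    """Toy stateful hash object built on SHAKE256 (assumed design, not the proposal's).

    Each absorbed item is prefixed with its 8-byte length, so absorbing "ab" is
    distinct from absorbing "a" then "b". A label absorbed at construction
    separates instances used for different purposes even on identical inputs.
    """

    def __init__(self, label: bytes):
        self._buf = bytearray()
        self._squeezed = False
        self.absorb(label)

    def absorb(self, data: bytes) -> "SHO":
        # Assumed rule: no absorbing after output has been produced.
        if self._squeezed:
            raise RuntimeError("absorb after squeeze is not allowed in this toy")
        self._buf += len(data).to_bytes(8, "big") + data
        return self

    def squeeze(self, n: int) -> bytes:
        # SHAKE output of any requested length; longer outputs extend shorter ones.
        self._squeezed = True
        return hashlib.shake_256(bytes(self._buf)).digest(n)


# The three roles Peter mentions, each under its own (constructed) label.
def hash_fixed(msg: bytes) -> bytes:
    """Traditional fixed-output-length hash."""
    return SHO(b"example/hash").absorb(msg).squeeze(32)


def prf(key: bytes, nonce: bytes) -> bytes:
    """Keyed PRF: key and nonce are separate absorbed items, not concatenated."""
    return SHO(b"example/prf").absorb(key).absorb(nonce).squeeze(32)


def xof(seed: bytes, n: int) -> bytes:
    """Extendable-output use: arbitrary output length from one seed."""
    return SHO(b"example/xof").absorb(seed).squeeze(n)
```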