On Wed, Aug 5, 2015 at 7:35 AM, Jeff Burdges <[email protected]> wrote: > As I understand it, there are no mature post-quantum Diffie-Hellman > alternatives
Is that true? Can't one easily build it from lattices? I know lots of people are working on adding bits of structure to lattices to try and shrink and speed them up but, if you're willing to suffer large (10s of KBs) public values, then completely random lattices are reasonably mature, I think. (PLEASE CONSULT WITH YOUR DJB, OR OTHER QUALIFIED CRYPTOGRAPHIC PROFESSIONAL BEFORE USING ANY PRIMITIVE DISCUSSED WITHIN THIS EMAIL.) Cheers AGL -- Adam Langley [email protected] https://www.imperialviolet.org _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
