On Tue, Nov 8, 2016 at 11:33 AM, stef <s...@ctrlc.hu> wrote: > On Fri, Nov 04, 2016 at 07:28:10PM -0700, Trevor Perrin wrote: >> A spec for the "X3DH" key agreeement protocol used in Signal is >> available at [1]. >> >> We'd welcome feedback. Eventually we should take spec discussion to a >> more specific venue, but hopefully this list doesn't mind for now. > > how about a simple post-quantum extension to this protocol ala cecpq1? like > this: > > 1. besides the prekey, bob also publishes the public part of newhope_keygen, > preferably also signed by the IKB.
Hi, That's not crazy. But there's plenty of debate about relative merits and parameter choices for post-quantum key exchange, even just looking at lattice crypto (LWE, Ring-LWE, NTRU, NTRU Prime, etc). I'm hoping the situation is clearer a year or so from now. Trevor _______________________________________________ Messaging mailing list Messaging@moderncrypto.org https://moderncrypto.org/mailman/listinfo/messaging
