[TLS] Re: [Pqc] QUIC, amplification and PQC message sizes (was: Bytes server -> client)

Michael Richardson Mon, 11 Nov 2024 04:00:27 -0800

Christian Huitema <[email protected]> wrote:
    > To summarize, the QUIC handshake will require an extra RTT:


    > * if the server flight is larger than 3 times the Client Hello,
    > * if the Client Hello is larger than 12,000 bytes,
    > * if the Server Hello is larger than 12,000 bytes.

    > If would be very nice to have PQC variants that fit inside that budget.

might it be worth doing a "legacy" crypto operation first, even if that is
broken by a CRQC, if the time to break it is less than the RTT?

--
Michael Richardson <[email protected]>, Sandelman Software Works
 -= IPv6 IoT consulting =-                      *I*LIKE*TRAINS*

signature.asc
Description: PGP signature

_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]

[TLS] Re: [Pqc] QUIC, amplification and PQC message sizes (was: Bytes server -> client)

Reply via email to