Re: [GNUnet-developers] EcDSA signature scheme

[hyazinthe]

Thank you for the evaluation and info. The combination thing sounds familiar to 
me. I'm reminding that I've heard of that before in a crypto talk anywhere...

--- Ursprüngliche Nachricht ---
Von: Christian Grothoff <address@hidden>
Datum: 12.08.2018 23:33:29
An: address@hidden
Betreff: Re: [GNUnet-developers] EcDSA signature scheme

> This does not sound like a great idea, largely because the PQ algorithms
>
> are all a bit new and not nearly as well understood as classical crypto.
>
> A sane PQ implementation should _combine_ classical and PQ crypto, i.e.
> sign/verify with both types of algorithms and for encryption use two
> types of KX algorithms and then HKDF the results together.  As they are
>
> not doing that (at least nothing in their documentation suggests this),
> I would advise to stay away.
>
> Also, as far as GNUnet is concerned, Jeff is planning on putting some PQ
>
> crypto into the Lake design, and I'm don't see an urgent need to deploy
> PQ elsewhere yet. But having good PQ crypto primitive implementations
> out there would definitively be a good thing, but I'm not sure codecrypt
>
> is where I'd look. ;-)
>
> On 08/12/2018 06:44 PM, address@hidden wrote:
> > News on the PQ site of things - at least worth it to keep an eye on:
>
> > Whonix includes Codecrypt by default now - 
> > https://www.whonix.org/wiki/PQCrypto#Use_Instructions
> .
> > Codecrypt is a GnuPG-like unix program for encryption and signing that
> uses only quantum-computer-resistant algorithms. It's Free Software using
> "GNU LGPLv3 or later" license, which is good. Codecrypt git: 
> https://gitea.blesmrt.net/exa/codecrypt
>
> >
>
>
> _______________________________________________
> GNUnet-developers mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/gnunet-developers
>