IETF-SSH archive


Re: [Curdle] sntrup761x25519-sha512



On Tue, 16 May 2023 at 10:46, Matt Johnston <matt%ucc.asn.au@localhost> wrote:
>
> On 2023-05-15 9:40 pm, Simo Sorce wrote:
> > Is it worth waiting until the final NIST candidates parameters are
> > published and provide a full set of post quantum resistant algorithms
> > at that time?
> >
> > (Work on how to use those curves can start earlier, but publication
> > should wait until algorithms are official.)
>
> sntrup761 doesn't seem to be a candidate any more for NIST
> standardisation.
> There's Kyber as the round 3 choice, then some other round 4 candidates
> [1]
>
> Has anyone asked the OpenSSH developers if they have future plans for
> sntrup761?

One of the OpenSSH developers made a public statement on a GitHub PR:

https://github.com/open-quantum-safe/liboqs/pull/1328#issuecomment-1354111314

Personally, I think that the "market" wants NTRU Prime as a non-NIST
approved Key exchange algorithm.
If NIST publishes a design weakness on NTRU Prime, then several Open
Source projects would remove it or attempt to fix it.

I'm curious as to whether NIST was already aware of the weaknesses in
SIKE before it was made public?

In developing countries such as Mauritius, we think that it's better
to have at least 2 choices of PQ Key exchange
and don't mind sacrificing a little bit of latency for better security.


>
> Cheers,
> Matt
>
> [1]
> https://csrc.nist.gov/News/2022/pqc-candidates-to-be-standardized-and-round-4


