On Thu, Dec 31, 2015 at 3:51 PM, isis <i...@torproject.org> wrote: > Zhenfei Zhang transcribed 22K bytes:
[...] >> In addition, this is a modular design that allows us to use any quantum-safe >> cryptographic primitives. As a proof of concept, we instantiated the >> protocol with NTRUEncrypt lattice-based crypto. We implemented the the >> protocol with NTRU parameters that gives 128 bits security. The code is >> available at https://github.com/NTRUOpenSourceProject/ntru-tor > > Thanks! This is great! Having an implementation to go along with the > proposal makes it easier to evaluate. I've already actually looked at your > code a couple months ago, but I'll take a second look after the new year and > see what (if anything) changed. > > However, if we were to go the route of using NTRU, we'd likely want to instead > use Dan Bernstein's NTRU Prime parameters, in order to eliminate some of the > inherent algebraic structure of the ideal lattice which might possibly be > exploited. [0] [1] I'd also like us to consider the Ring-LWE proposals that Yawning has been working on, but I think that this proposal forms a good basis for future work in all those directions. (Generally, I'm a bit afraid of being the first adopter of much of anything, or the biggest user of any protocol, but I think we're soon reaching the point where we'll have to.) > Also, what is the current state of patents on NTRU? My understanding is that > NTRU is dual-licenced as GPLv2+ and commercial, [2] however, Tor is currently > BSD licenced. Would it be necessary to relicense Tor as GPLv2+? Will the GPL > exceptions continue to be applied to further patents on optimisations and > improvements/protections for NTRU? Have a look at https://github.com/NTRUOpenSourceProject/ntru-crypto/blob/master/FOSS%20Exception.md . If I'm reading that right (and Wendy has seen it too), we have their permission to use their GPL code along with BSD-licensed Tor. peace, and a happy new year to all, -- Nick _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev