Not sure if this has been noted before on this thread, but the BoringSSL team is working on something very similar:
https://boringssl-review.googlesource.com/#/c/7962/ On Thu, May 19, 2016 at 1:01 PM Yawning Angel <yawn...@schwanenlied.me> wrote: > On Tue, 17 May 2016 17:49:46 +0000 (UTC) > lukep <lu...@tutanota.com> wrote: > > > [snip] > > > > In other words, I'd expect our future trust in Ring-LWE and SIDH > > > > to evolve in different ways. And counting papers will not be > > > > informative. > > > > > > Yeah probably. I can envision having no choice but to use SIDH > > > sometime in the future (or vice versa). It's an evolving field, > > > and my current mindset is "pick one or two that probably won't kill > > > the network (CPU/network/whatever)", integrate it in a way that is > > > easy to switch at a later point, and deploy it. > > > > The important thing now is surely to get the protocol right so that > > we can slot algorithms in or out (then pick one or two that we > > actually want to integrate) > > The relevant proposals here would be: > > > https://gitweb.torproject.org/torspec.git/tree/proposals/264-subprotocol-versions.txt > > https://gitweb.torproject.org/torspec.git/tree/proposals/249-large-create-cells.txt > > With emphasis on the 264, since that's probably how link handshake > crypto support will be signified. > > Regards, > > -- > Yawning Angel > _______________________________________________ > tor-dev mailing list > tor-dev@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev >
_______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev