Open david415 opened 6 years ago
Err. At that point, I would want to switch the way the handshake is done to do an authenticated Kyber handshake as well for PQ auth. While this is sort of a nice to have, it's towards the bottom of my priority list, because there's a lot of other more important things to do.
So, I wrote this: https://github.com/yawning/kyber
But I'm not sure if I want to switch off NewHope-Simple anytime soon. While I have no reason to believe that Kyber is flawed or any worse, it is more of a moving target than NewHope-Simple is, and I don't want to end up in a position down the line where we need to upgrade absolutely everything (post deployment, when it's actually massively painful) because of tweaks to the algorithm.
Implement khyber in golang starting with the current new hope simple implementation. after that we should make it work with our noise based wire protocol.
our fork of the golang noise library https://github.com/katzenpost/noise
our noise based wire protocol (aka mixnet link layer) https://github.com/katzenpost/core/tree/master/wire