[PATCH] Add NTRUEncrypt public key encryption algorithm

Jeff Burdges burdges at gnunet.org
Mon Sep 21 11:41:40 CEST 2015

SPHINCS is ideal for signing software packages for distribution, but
today protocols should usually provide deniability, making signatures
unworkable.  I haven't looked at XMSS yet, but sounds quite similar to

There is a way to gain PQ security from classical primitives for
encryption though :  Use Axolotl with very long-running sessions
everywhere.  And ideally introduce side key material so that breaking
one ratchet requires breaking many.  I'm interested in writing a paper
on exactly this, but it requires building a mixnet, so it's requires
doing a lot of different things right. 

On Mon, 2015-09-21 at 09:22 +0200, Simon Josefsson wrote:
> Christian Grothoff <grothoff at gnunet.org> writes:
> >    So we're actually strongly considering NTRU (and other PQ-schemes,
> >    but NTRU so far seems very good on the potential security
> >    improvement vs. performance loss/complexity front) as an
> >    additional (likely for a while optional) handshake within
> >    GNUnet (which so far uses primarily libgcrypt for
> >    crypto-primitives) for the future. No code yet, but plenty of
> >    thinking.
> You want to look at XMSS, SPHINCS and some of the other modern
> PQ-schemes:
> https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-01
> http://sphincs.cr.yp.to/
> /Simon

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20150921/a4c000ea/attachment-0001.sig>

More information about the Gcrypt-devel mailing list