Rare project developers

[Cristina Klippel Dominicini <>]

Hi Csaba,

My friend have just replied my e-mail with very interesting feedback :-)

========
The most likely scenario: go with Crystals-Kyber for key exchange, and
with Crystals-Dilithium for signature. They are very fast, and have
reasonable (worse than RSA, but still reasonable) sizes for public keys
and signature sizes/encrypted packages (some numbers:
https://s3.amazonaws.com/files.douglas.stebila.ca/files/research/presentations/20201021-SERENE-RISC.pdf).

I'm not sure if there is a great reference for that recommendation, but
(1) they are already on the standardization track, rather than on the
"let's do another round with those", and (2) those are the ones that
have been receiving more attention in venues like TCHES and
eprint.iacr.org. Hence, it is my best hunch :)

========

Best regards,

Cristina

---

De: Cristina Klippel Dominicini
Enviado: quarta-feira, 22 de fevereiro de 2023 21:09:35
Para:
Cc: Ronald van der Pol
Assunto: Re: [rare-dev] what is your opinion about quantum resistant algorithms?

 

Hi Csaba,

Very interesting question! I am not a specialist in cryptography, but your question certainly provides food for thought.

I am studying the finalists (https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022) and the openssh implementations (https://github.com/open-quantum-safe/openssh) to understand the context. In the meanwhile, I also asked some questions to two friends who are cryptologists and should bring more assertive answers.

I'll get back to you as soon as I have good insights on the matter :-)

Best regards,

Cristina

---

De: <> em nome de mc36 <>
Enviado: sábado, 11 de fevereiro de 2023 04:44:51
Para: Cristina Klippel Dominicini
Cc: Ronald van der Pol;
Assunto: [rare-dev] what is your opinion about quantum resistant algorithms?

 

hi cristina,
so i recently had a conversation/monologue(?) on irc about the subject and as you're my only trustworthy math/info prof i know of,
hereby i would like to ask your opinion about the topic... all what i see is that we had a lot of candidate algorithms at the
nist competition but round by round they divided this number by two, and there are still too many imho, and this challenge will
end like what happened with the advanced encryption _standard_ (aes*). i'm know that picking an algorithm could be n-p hard task,
and i know about existing implementations of the algos in public git repos and i strongly feel that we're in the hands of some
of the top cleverest mathematicians/cryptographers here so no need to worry, and i'm optimistic having the finalist in freerouter,
but still, do you have a preference here or following openssh guys 'blindly' and starting to have something compatible (?) to what
they recently started and hoping that will be the good choice just to have something?
thanks,
cs

---

Esta mensagem (incluindo anexos) contém informação confidencial destinada a um usuário específico e seu conteúdo é protegido por lei. Se você não é o destinatário correto deve apagar esta mensagem.

O emitente desta mensagem é responsável por seu conteúdo e endereçamento.
Cabe ao destinatário cuidar quanto ao tratamento adequado. A divulgação, reprodução e/ou distribuição sem a devida autorização ou qualquer outra ação sem conformidade com as normas internas do Ifes são proibidas e passíveis de sanção disciplinar, cível e criminal.