Yes it seems so. Equivalent to Signal's PQXDH: encapsulate the conventional crypto in a hybrid setting instead of replacing it wholesale with the new algorithms
This got me interested in the algorithm itself. It would be great to hear about it from a cryptographer, but from what I gather it uses ML-KEM (a.k.a. Kyber) to replace the traditional ECDH key exchange. ML-KEM is lattice-based encryption, which uses a learning with errors (LWE) algorithm, which sounds cool, but is still very young in the encryption world.
So because this hasn't stood the test of time, they're using a hybrid approach. They generate a symmetric key via ML-KEM, which is then used to privately exchange traditional AES keys and encrypted data. Basically, the public key is never available to an adversary that could collect the traffic and one day have a CRQC to break it.
It doesn't seem like serious applications are ready to jump to lattice-based encryption wholesale yet. The devil you know is better than the devil you don't?
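The hybrid construction the thread is circling around (a classical X25519 agreement and an ML-KEM-768 encapsulation whose shared secrets are both fed into one KDF, in the spirit of Signal's PQXDH), as an added example that is neither the post's nor Signal's code. It assumes Go 1.24 or newer for the standard-library `crypto/mlkem` package; the hand-rolled HKDF combiner, the label string and the transcript layout are this example's own choices, not a published protocol's.

```go
package main

import (
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// hybridKDF: HKDF-style (HMAC-SHA256) key from BOTH shared secrets plus the public transcript; breaking one primitive alone yields nothing usable.
func hybridKDF(ssX25519, ssKEM, transcript []byte) []byte {
	extract := hmac.New(sha256.New, transcript) // transcript serves as the HKDF salt
	extract.Write(ssX25519)
	extract.Write(ssKEM)
	expand := hmac.New(sha256.New, extract.Sum(nil)) // one HKDF-Expand block, counter 0x01
	expand.Write([]byte("hybrid x25519+mlkem768 session key"))
	expand.Write([]byte{0x01})
	return expand.Sum(nil)
}

func hybridExchange() (initiatorKey, responderKey []byte, err error) {
	// Responder publishes an X25519 public key and an ML-KEM-768 encapsulation key.
	rX, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return nil, nil, err }
	rK, err := mlkem.GenerateKey768()
	if err != nil { return nil, nil, err }
	// Initiator: ephemeral X25519 agreement plus a KEM encapsulation to the responder.
	iX, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return nil, nil, err }
	ssX, err := iX.ECDH(rX.PublicKey())
	if err != nil { return nil, nil, err }
	ssK, ct := rK.EncapsulationKey().Encapsulate()
	// All public values are bound into the key, so a swapped key or tampered ciphertext changes it.
	transcript := append(append(iX.PublicKey().Bytes(), rX.PublicKey().Bytes()...), ct...)
	initiatorKey = hybridKDF(ssX, ssK, transcript)
	// Responder: the same agreement from its side, then decapsulate the KEM ciphertext.
	ssX2, err := rX.ECDH(iX.PublicKey())
	if err != nil { return nil, nil, err }
	ssK2, err := rK.Decapsulate(ct)
	if err != nil { return nil, nil, err }
	responderKey = hybridKDF(ssX2, ssK2, transcript)
	return initiatorKey, responderKey, nil
}

func main() {
	a, b, err := hybridExchange()
	fmt.Printf("both sides agree: %v (err=%v)\n", hmac.Equal(a, b), err)
}
```

The point to take away is the combiner, not the primitives: an attacker who records the traffic and later breaks X25519 still lacks the ML-KEM secret, and vice versa, so the derived key survives the failure of either component.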