Hacker News new | ask | show | jobs
by modalduality 3092 days ago
In general forward security involves generating a new key for each conversation with Diffie-Hellman or similar.

According to https://crypto.stackexchange.com/questions/5610/diffie-hellm..., Diffie-Hellman is not post-quantum secure, but https://en.wikipedia.org/wiki/Supersingular_isogeny_key_exch... is a DH alternative that is.
1 comments
jgrahamc 3092 days ago
Which is partly why we wrote and open sourced a SIDH implementation in TLS 1.3: https://blog.cloudflare.com/sidh-go/
link
exabrial 3092 days ago
I <3 cloudflare, you guys are awesome!
link
newman314 3092 days ago
Do you have any performance numbers for SIDH vs ECDHE?
link
grittygrease 3088 days ago
Cloudflare has a Go implementation of SIDH with p751: https://blog.cloudflare.com/sidh-go/

Here’s an overview of the performance from a patch by Armando Faz Hernandez: https://github.com/cloudflare/p751sidh/pull/2

link