Description

New modifiers and tokens for KEM-based hybrid forward secrecy.

Status

An unofficial/unstable extension spec exists.

We want this to be consistent with an eventual "multi-algorithm" approaches that allows arbitrary mixing of KEMs, signatures, and DH. But we probably have a good enough idea of what token syntax for KEMs will look like that we can move ahead now with a simple modifier for this special case.

Documents

https://github.com/noiseprotocol/noise_hfs_spec/blob/master/output/noise_hfs.pdf https://github.com/noiseprotocol/noise_hfs_spec

Dependencies

None

References (newest first)

https://moderncrypto.org/mail-archive/noise/2018/001874.html

Older Documents

Hybrid Forward Secrecy

Using the Post-Quantum New Hope Algorithm with Noise

Hybrid Forward Secrecy with Kyber