New design sets a high standard for post-quantum readiness.
How is this different than SimpleX’s NTRU algorithm?
Why Signal’s post-quantum makeover is an amazing engineering achievement
Submitted 14 hours ago by BrikoX@lemmy.zip to technology@lemmy.zip
Comments
AntiBullyRanger@ani.social 9 hours ago
jacksilver@lemmy.world 7 hours ago
I believe it’s the same thing I noted in another comment - lemmy.world/comment/19924290
Basically session key vs rotating session key, but to be honest I only skimmed your link as it got dense fast.
ignirtoq@fedia.io 10 hours ago
What are we defining as a "session" for Signal? The vast majority of TLS sessions exist for the duration of pulling down a web page. Dynamically interact with that page? New HTTP request backed by a new TLS session. Sure, there are exceptions like WebSockets, but by and large TLS sessions are often short.
Is a Signal session the duration of sending a single message? An entire conversation? The entire time you have someone in your address book? It doesn't seem like an apples-to-apples comparison.
Valmond@lemmy.world 1 hour ago
Isn’t asymmetric used for the handshake only? And then like AES or something which have evolving keys (and are quite quantum resistant).
jacksilver@lemmy.world 7 hours ago
I think the biggest thing here is that beyond just a session key (to make sessions secure from each other), this approach uses a rotating session key. That means each transaction in a sesssion is unique ensuring forward and backward secrecy.
I may have read it wrong plus cybersecurity is not my forte.