[Cryptography] composing EC & RSA encryption?

Lodewijk andré de la porte l at odewijk.nl
Mon Oct 26 21:24:44 EDT 2015


I think the TLAs have had quantum computing capabilities for a while. Why
wouldn't they? I bet they could match the public's QC research budget.
Maybe they just didn't, whatever, or maybe they decided to go public
through a mysterious new research company. Or maybe the mysterious research
company is finally in the TLAs' footsteps. Or maybe mysterycorp have a next
gen up and running for the TLAs. Or maybe the TLAs will spy and steal all
data from mysterycorp and do it bigger and better themselves. If we're
lucky it's all very whitehat and legitimate, and most of our crypto is
still pretty screwed <20 years. (Also, will have to learn more about QCs)

So many choices, so little to spy on!

On Bitshops.net I put NTRUencrypt (reference implementation through LLVM, I
assume people's machines are stupid but honest; bad RNG but not exploited,
figure the reference implementation would be the first to get hosed anyway)
in the browser to do the key exchange. It's a very dubious choice. In v2
I'll definitely couple it with a more traditional one (the resulting key
XOR'ing method seems rather flawless). The upside is that it seems secure
even against quantum computers. The downside is the investigation was
probably relatively shitty, and it might be very broken even to non-quantum
computers (shoot me for trying).

Regarding keylength/degradation attacks in general: it's not hard to make
browsers tell you it's in "degraded security" mode. Idk, a shittier lock
than a padlock. Like a bike's wheel lock. Or maybe a security camera (to
show they're watching).