Google’s CECPQ1 experiment in 2016 integrated a post-quantum key-exchange
algorithm, newhope1024, into TLS 1.2. The Google-Cloudflare CECPQ2 experiment
in 2019 integrated a more efficient key-exchange algorithm, ntruhrss701, into
TLS 1.3.

360 Mobile Vision - North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

This paper revisits the choices made in CECPQ2, and shows how to achieve
higher performance for post-quantum key exchange in TLS 1.3 using a
higher-security algorithm, sntrup761. Previous work had indicated that
ntruhrss701 key generation was much faster than sntrup761 key generation, but
this paper makes sntrup761 key generation much faster by generating a batch of
keys at once.

Batch key generation is invisible at the TLS protocol layer, but raises
software-engineering questions regarding the difficulty of integrating batch
key exchange into existing TLS libraries and applications. This paper shows
that careful choices of software layers make it easy to integrate fast
post-quantum software, including batch key exchange, into TLS with minor
changes to TLS libraries and no changes to applications.

As a demonstration of feasibility, this paper reports successful integration
of its fast sntrup761 library, via a lightly patched OpenSSL, into an
unmodified web browser and an unmodified TLS terminator. This paper also
reports TLS 1.3 handshake benchmarks, achieving more TLS 1.3 handshakes per
second than any software included in OpenSSL.

By admin