Design issues for hybrid key exchange in TLS 1.3
draft-stebila-tls-hybrid-design-01
| The information below is for an old version of the document | |||
|---|---|---|---|
| Document | Type | Expired Internet-Draft (individual) | |
| Authors | Douglas Steblia , Scott Fluhrer , Shay Gueron | ||
| Last updated | 2020-01-09 (latest revision 2019-07-08) | ||
| Replaced by | draft-ietf-tls-hybrid-design | ||
| Stream | (None) | ||
| Formats |
Expired & archived
pdf
htmlized (tools)
htmlized
bibtex
|
||
| Stream | Stream state | (No stream defined) | |
| Consensus Boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
https://www.ietf.org/archive/id/draft-stebila-tls-hybrid-design-01.txt
Abstract
Hybrid key exchange refers to using multiple key exchange algorithms simultaneously and combining the result with the goal of providing security even if all but one of the component algorithms is broken, and is motivated by transition to post-quantum cryptography. This document categorizes various design considerations for using hybrid key exchange in the Transport Layer Security (TLS) protocol version 1.3 and outlines two concrete instantiations for consideration.
Authors
Douglas Steblia
(dstebila@uwaterloo.ca)
Scott Fluhrer
(sfluhrer@cisco.com)
Shay Gueron
(shay.gueron@gmail.com)
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)