科技回声

6 条评论

> HPKE is not tolerant of lost messages. [1]This seems a severe limitation for certain applications (e.g. VPNs) which tunnel traffic which already has an ordering mechanism (such as TCP) [2]. This is not a limitation of, e.g., Noise [3], one of the existing hybrid protocols HPKE seems intended to replace.[1] <a href="https://www.rfc-editor.org/rfc/rfc9180.html#name-message-order-and-message-l" rel="nofollow">https://www.rfc-editor.org/rfc/rfc9180.html#name-message-ord...</a>[2] <a href="https://openvpn.net/faq/what-is-tcp-meltdown/" rel="nofollow">https://openvpn.net/faq/what-is-tcp-meltdown/</a>[3] <a href="https://noiseprotocol.org/noise.html#out-of-order-transport-messages" rel="nofollow">https://noiseprotocol.org/noise.html#out-of-order-transport-...</a>

评论 #41215944 未加载

评论 #41215805 未加载

chrismorgan10 个月前

(2022.)And because people often misunderstand RFCs as being "official":> This document is not an Internet Standards Track specification; it is published for informational purposes.> This document is a product of the Internet Research Task Force (IRTF). The IRTF publishes the results of Internet-related research and development activities. These results might not be suitable for deployment. This RFC represents the consensus of the Crypto Forum Research Group of the Internet Research Task Force (IRTF). Documents approved for publication by the IRSG are not candidates for any level of Internet Standard; see Section 2 of RFC 7841.

评论 #41215920 未加载

评论 #41215467 未加载

评论 #41214938 未加载

评论 #41215414 未加载

comex10 个月前

The introduction says that HPKE is different from the “traditional combination” of “encrypt the symmetric key with the public key”, but it doesn’t explain why it’s better. Does anyone know?

评论 #41213897 未加载

评论 #41213946 未加载

评论 #41213966 未加载

评论 #41214538 未加载

评论 #41218143 未加载

评论 #41214461 未加载

tptacek10 个月前

Similarly: <a href="http://www.noiseprotocol.org/noise.html" rel="nofollow">http://www.noiseprotocol.org/noise.html</a>

评论 #41213825 未加载

sublimefire10 个月前

> Currently, there are numerous competing and non-interoperable standards and variants for hybrid encryption …Sure, let’s create another one and expect it being used by all othe those who use existing stabdards.It would be great to understand the exact specific motive which drives it instead of converging on an existing standard.

评论 #41218876 未加载

评论 #41215074 未加载

评论 #41215661 未加载

tptacek10 个月前

I hate that they call the authentication key arrangements in this "key scheduling".

6 条评论

colanderman10 个月前

评论 #41215944 未加载

评论 #41215805 未加载

chrismorgan10 个月前

评论 #41215920 未加载

评论 #41215467 未加载

评论 #41214938 未加载

评论 #41215414 未加载

comex10 个月前

评论 #41213897 未加载

评论 #41213946 未加载

评论 #41213966 未加载

评论 #41214538 未加载

评论 #41218143 未加载

评论 #41214461 未加载

tptacek10 个月前

Similarly: <a href="http://www.noiseprotocol.org/noise.html" rel="nofollow">http://www.noiseprotocol.org/noise.html</a>

评论 #41213825 未加载

sublimefire10 个月前

评论 #41218876 未加载

评论 #41215074 未加载

评论 #41215661 未加载

tptacek10 个月前

I hate that they call the authentication key arrangements in this "key scheduling".

RFC 9180: Hybrid Public Key Encryption (2022)

6 条评论

RFC 9180: Hybrid Public Key Encryption (2022)

6 条评论