Re: Consultation:Additional “ephemeral public key” and “ephemeral private key" implementations for quictls/opens

[Kris Kwiatkowski]

Hi Nobuo,

I'm afraid a bit more details are needed. Not sure,
what you mean by "enabling ephemeral key for SSL/TLS".
For example, TLSv1.3 uses only key exchanges that offer
forward secrecy, so one way to "enable ephemeral" is
to use this new version of TLS protocol.

If you wish see an example of such integration, then
open-quantum-safe project [1] is maybe one place to look at.
Those guys have integrated post-quantum key exchanges
(ephemeral) into openssl. Lot's of good examples there.
The OpenSSLNTRU [2] does similar thing and maybe is simpler
to understand.

Kind regards,
Kris

[1] https://github.com/open-quantum-safe/openssl
[2] https://opensslntru.cr.yp.to/demo.html

On 8/29/21 8:41 PM, Nobuo Aoki wrote:
> Dear OpenSSL users (reshaped)
>
> My name is Nobuo Aoki, 
> and I am a master's student.
> (Hiroshima City University, Japan)
>
> Right now, I am doing research on secure communication protocols.
> Specifically, we are trying to enable “ephemeral public key” and 
> “ephemeral private key” for SSL/TLS.
>
> I have been using quictls/openssl as an implementation of SSL/TLS.
> It is publicly available on Github.
> I am trying to identify the implementation 
> where “ephemeral public key” and “ephemeral private key” can be added, 
> but I have not been able to do so yet, 
> probably because I am not familiar with the openssl implementation.
> I have also tried to read openssl/openssl in order to identify the
> implementation, but no luck.
>
> So, I'm wondering if those who are familiar with 
> the openssl implementation can lend me some great help.
> Any advice would be greatly appreciated.
>
> ——————————
> Nobuo Aoki (master 1st-year student)
> Email : b20001send at gmail.com <mailto:b20001send at gmail.com>
> Tel or SMS : +8170-8516-4157
> Laboratory of Information Network
> Department of Computer and Network Engineering
> Graduate School of Information Sciences,
> Hiroshima City University
>
>> Dear OpenSSL users
>>
>> My name is Nobuo Aoki, 
>> and I am a master's student.
>> (Hiroshima City University, Japan)
>>
>> Right now, I am doing research on secure communication protocols.
>> Specifically, we are trying to enable “ephemeral public key” and 
>> “ephemeral private key” for SSL/TLS.
>>
>> I have been using quictls/openssl as an implementation of SSL/TLS.
>> It is publicly available on Github.
>> I am trying to identify the implementation 
>> where “ephemeral public key” and “ephemeral private key” can be added, 
>> but I have not been able to do so yet, 
>> probably because I am not familiar with the openssl implementation.
>> I have also tried to read openssl/openssl in order to identify the
>> implementation, but no luck.
>>
>> So, I'm wondering if those who are familiar with 
>> the openssl implementation can lend me some great help.
>> Any advice would be greatly appreciated.
>>
>> ——————————
>> Aoki Nobuo (master 1st-year student)
>> Email : b20001send at gmail.com <mailto:b20001send at gmail.com>
>> Tel or SMS : +8170-8516-4157
>> Laboratory of Information Network
>> Department of Computer and Network Engineering
>> Graduate School of Information Sciences,
>> Hiroshima City University
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210829/5895c3a6/attachment.html>