from the cryptography mailing list 





The introduction https://strobe.sourceforge.io/papers/strobe-latest.pdf
is well worth reading.

It seems that it is possible to implement secure communication protocols
with a very limited number of operations (10 different core functions)
and 4 bits of flags all based on one STROBE primitive (KECCAK-f).
The interesting part is the fact that while the protocol for information
exchange moves on, a transcript of past stages is recorded that affects
future operations.

  "Strobe maintains a running hash of the protocol transcript,
   which is the sequence of all operations and their data as seen
   by the application layer."

The inclusion of these transcripts in subsequent operations clearly helps
to ensure, that the protocol develops as expected. Though it also
imposes limitations to what the protocol can achieve. The paper claims
that TLS can be implemented based on minimal STROBE operations.

While the implementation is targeted on IoT systems with limited computation
powers, this idea is IMHO quite interesting and promising.


    -ralf
Show quoted text