Jump to content

Protecting Chromium Traffic with Hybrid Kyber KEM


Sampei.Nihira

Recommended Posts


It's still highly experimental. And basically it translates to "I have something to hide, put me on the list".

For example, hostile government agencies can collect this suspicious data, and even if they somehow fail to de-crypt it right now, they will be surely able to de-crypt later.

https://www.rand.org/pubs/commentary/2023/09/when-a-quantum-computer-is-able-to-break-our-encryption.html

Link to comment
Share on other sites

2 hours ago, Dixel said:

Considerations/Doubts.

https://blog.chromium.org/2023/08/protecting-chrome-traffic-with-hybrid.html

"Using X25519Kyber768 adds over a kilobyte of extra data to the TLS ClientHello message due to the addition of the Kyber-encapsulated key material." 

This itself makes the user's fingerprint unique.

Please provide a test where what you claim is demonstrated.
Also consider that the implementation of this feature has security/privacy purposes.

Any other input will be considered unreliable by me and will not be commented on.

Edited by Sampei.Nihira
Link to comment
Share on other sites

3 hours ago, Sampei.Nihira said:

Please provide a test where what you claim is demonstrated.
Also consider that the implementation of this feature has security/privacy purposes.

Any other input will be considered unreliable by me and will not be commented on.

Did you read the article? I don't "claim" anything, It was a quote from chromium developers, what "test" there can be, if they acknowledged it themselves, it's not up for debate.

"over a kilobyte of extra data to the TLS ClientHello message", so now try to understand, the whole Earth's population uses the standard sized TLS ClientHello message, and only a dozen of enthusiasts use the one from this topic.

https://blog.chromium.org/2023/08/protecting-chrome-traffic-with-hybrid.html

Link to comment
Share on other sites

It is useless for you to repeat 2 times the link that I included in my initial post.

You wrote (and probably misunderstood what you wrote) that using a better encryption algorithm (Kyber) than the weaker X25519 makes you more unique to fingeprinting (and has nothing to do with improving encryption key security).

Are you able to prove that what you wrote is true or not?

If not, don't replicate anymore and shut up.

 

Link to comment
Share on other sites

13 hours ago, Sampei.Nihira said:

It is useless for you to repeat 2 times the link that I included in my initial post.

 

This can be said about you.

13 hours ago, Sampei.Nihira said:

It is useless for you to repeat 2 times the link that I included in my initial post.

You wrote (and probably misunderstood what you wrote) that using a better encryption algorithm (Kyber) than the weaker X25519 makes you more unique to fingeprinting (and has nothing to do with improving encryption key security).

 

I understood what you and I both wrote. OK, I 'll try to explain to you in much more simpler words.

1 - The weaker X25519 is a widely accepted standard with a non-unique (casual, very common) fingerprint. Will you argue with that? (I hope not)

2 -  The supposed to be better encryption algorithm (Kyber) is larger than X25519, thus making you unique to fingeprinting, for example to your ISP.

3 - Any non-standard things you use make you unique over the internet. When Kyber will be accepted as a standard, I'll probably use it. 

4 - Proof is already in that article.

"added over a kilobyte of extra data to the TLS ClientHello message", making it non-standard

https://blog.chromium.org/2023/08/protecting-chrome-traffic-with-hybrid.html

Please don't hesitate to ask for more explanations!

 
Link to comment
Share on other sites

13 hours ago, Sampei.Nihira said:

You wrote (and probably misunderstood what you wrote) that using a better encryption algorithm (Kyber) than the weaker X25519 makes you more unique to fingeprinting (and has nothing to do with improving encryption key security)

 

That wasn't the question of the topic, you asked whether the members use it or not, I explained why. So you're off-topic in your self created topic

 

23 hours ago, Sampei.Nihira said:

More info:

https://blog.chromium.org/2023/08/protecting-chrome-traffic-with-hybrid.html

Do any forum users like me use a Post-Quantum Key?

It is possible to verify with 2 tests:

https://browserleaks.com/tls

https://pq.cloudflareresearch.com/

 

6.jpg

 

Link to comment
Share on other sites

13 hours ago, Sampei.Nihira said:

Are you able to prove that what you wrote is true or not?

Are you able to prove that what you wrote is true or not? I don't see any articles with valid comparisons by independent testers, rather than Google itself saying it's supposed to be good, it's all in theory, so please add such articles.

Bare in mind, the MSFN community is rarther ungoogled.

Link to comment
Share on other sites

14 hours ago, Sampei.Nihira said:

It is useless for you to repeat 2 times the link that I included in my initial post.

You wrote (and probably misunderstood what you wrote) that using a better encryption algorithm (Kyber) than the weaker X25519 makes you more unique to fingeprinting (and has nothing to do with improving encryption key security).

Are you able to prove that what you wrote is true or not?

If not, don't replicate anymore and shut up.

 

Imagine a journalist that hides from an oppressive regime switches that flag on, he immediately becomes a noticeable target for standing out of the crowd. The police is on its way to his address because the local ISP gave it to them.

There's always a big problem with you, you can't support factual, polite, grown-up people conversations, why do you usually resort to insults?

I lost count of your personal attacks.

 
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...