[Pqc] Post Quantum & Previous Network optimisation & security for the next age : More Info https://is.gd/LEDSource

Post Quantum & Previous Network optimisation & security for the next
age : More Info https://is.gd/LEDSource

*

Combined Network QOS Routing Table Tree-Swarm : CNetQSRT-Tree-Sw :
Rupert S 2023-02 More Info https://is.gd/LEDSource

Swarm:ML (Known Receiver : Known Sender)

QOS
NTP
DNS Global Submit

Network Tunnelling, For example: Torado, Large Download Acceleration

Secure Network Tunnelling, For example: VPN, VPS, Ethernet, 3G, 4G
LTE, Volt, 5G Volt, Telecommunications Networking & GPS)

Defined routing with QOS Network optimisation (Localised) & Data
bandwidth data (Localised)

Global Zone routing through tables...

Statistic Enhanced Routing & Delivery

We then send data with a packet listing preferred routes

[QOS][Origin : Target][Preferred route list forward sent][Network
Performance Metric Packet]
[Origin : Target][Preferred route list forward sent][Semi Static Route Tunnel]
[Packet ID][Origin : Target][Data Packet]

Searching for a route with every packet costs processor Cycles; So
preferred routes need to be tunnelled & Secured with TLS

https://www.ietf.org/mailman/listinfo/congress
More Info https://is.gd/LEDSource

*****

You know you talk about S-Matrix in
https://home.web.cern.ch/events/bridging-positivity-and-s-matrix-bootstrap-bounds

relevant : Model & Create S-Box (AES & ARIA & CLEFIA S-Box Modeling)
AES & ARIA & CLEFIA S-Box Modeling - Advanced Crypto Algorithms -
Modeling for Large S-boxes Oriented to Differential Probabilities and
Linear Correlations (Long Paper) 2023-109
https://eprint.iacr.org/2023/109.pdf

*****

ICE-SSRTP GEA Replacement 2022 + (c)RS

"GEA-1 and GEA-2, which are very similar (GEA-2 is just an extension
of GEA-1 with a higher amount of processing, and apparently not
weakened) are bit-oriented stream ciphers."

GEA-2 > GEA-3 is therefor 64Bit Safe (Mobile calls) & 128Bit Safe
(Reasonable security)
SHA2, SHA3therefor 128Bit Safe (Reasonable security Mobile) ++
AES & PolyChaCha both provide a premise of 128Bit++

So by reason alone GEA has a place in our hearts.

*

ICE-SSRTP GEA Replacement 2022 + (c)RS https://is.gd/CryptographicProves

ICE-SSRTP constitutes 2 parts:

The nonce: Time Value Inverted Nonce Packet: Obfuscation
The Main Cypher: AES, CHACHA20-POLY1305, GEA, 3DES & Other RTP Classifications

*
In the case of Audio & Video; The Nonce is transmitted per frame group
& displaces the content in the correct manner
In the case of Data; Per group of packets
*

ICE-SSRTP : Network Protocol

Main Cypher Package is a recommended Cypher; for example AES, Aria,
Clefia & hardware Decrypted & Encrypted where possible,

The containment is a Tunnel; Such as maintained by a video streaming
service & GSM voice call (on reception of call & Arrangement of
reception),

The tunnel is a security certificates main job & is from source to end & routed,
Normally 128Bit to 512Bit RSA,EEC: AES, GEA, ARIA, CLEFIA

Nonces are used for Identification & Verification, Special perposes &
Small packet carrying (with me)
Nonces can arrange data & offer order garentees under routing protocols.

Cases of nonce Encryption:

Ideally due to internet traffic protocols (examples):
NTP 73bits, DNS 53Bits, Rout Mapping 50bits to 370bits estimated.

due to these main protocols being small they almost exclusively advise
use as nonce encryption; most probably 64bit enclosed in a tunnel,

To & From the DNS & NTP if used regularly & due to NTP being
specialised low traffic workload in most cases & DNS being regular
traffic...

Containment on encrypted tunnel is recommended in the case of main
traffic & therefore,
Can use 64Bit EEC NONCE & because larger encryption blocks are not
recommended & they clog the internet with larger bandwidth
requirements,

We can use 64Bit Ciphers with packets like DNS & With NTP (A Single
QUICC protocol delivery with a EEC/RSA Delivery)
*

Nonce ICE-SSRTP:

Time Value Inverted ICE-SSRTP (c)Rupert S
The Nonce Variable

Needed content list

Time inverted : Value T:

Consisting of T(time) Tick(How many seconds),
Variable Inversion of content though FFT & Variable reversal of nonce
& main Enciphered package

Encryption methods:

Bit length Nonce : 16Bit & 32Bit (SiMD decrypt)
Bit length Main Encryption Packet : 32Bit, 48Bit, 64Bit (SiMD decrypt)
Bit length Main Encryption Packet H : 64Bit, 96Bit, 128Bit
(TPM/Security unit/SiMD decrypt)

Methods of obfuscation:

Packet swap (order)
Inversion (Data & band, Data Band order(High/Low)
Time Variable addition to Nonce &or Data

Compression of packet with nonce decompression list: BZip, GZip, LHZ

Main Core Accelerated Encryption Blocks:

GEA (all version) & bit depth
CHACHA20-POLY1305
AES
GCM : CCM : CBC

Value T : Nonce { Packet A : Packet B : Packet C } T = Inversion of 1
=  { Nonce : Packet Order : Content }
Value of Nonce = { Noise Removal (wavelet) : Bit Addition : Byte Order }

*****

Nonce reasoning : Dual Cypher : RS
Larger packets (Hardware Decrypt), Smaller Encrypted nonce (CPU Processed)

By the nonce we can therefor obfuscate the content of the Cryptic packet

For examples:

Nonce = Elliptic Noise
Packets are noisy

Nonce = Swap
Packets are swapped in order

Nonce = Bit addition / Byte swap
We do maths on the solved packets

Nonce = Banding arrangements
We swap bands in the Audio & Video Data

Nonce = Inversion
We invert the packets
before or after processing

*

Main Cipher Package : ICE-SSRTP

The Main Cypher: AES, CHACHA20-POLY1305, GEA, 3DES & Other RTP Classifications

Encryption methods:

Bit length Nonce : 16Bit & 32Bit (SiMD decrypt)
Bit length Main Encryption Packet : 32Bit, 48Bit, 64Bit (SiMD decrypt)
Bit length Main Encryption Packet H : 64Bit, 96Bit, 128Bit
(TPM/Security unit/SiMD decrypt)

Refer to Nonce ICE-SSRTP for packet dual Decryption/Encryption

Main Cipher Package is a recommended Cipher; for example AES, Aria,
Clefia & hardware Decrypted & Encrypted where possible,

The containment is a Tunnel; Such as maintained by a video streaming
service & GSM voice call (on reception of call & Arrangement of
reception),

The tunnel is a security certificates main job & is from source to end & routed,
Normally 128Bit to 512Bit RSA,EEC: AES, GEA, ARIA, CLEFIA

Nonce are used for Identification & Verification, Special purposes &
Small packet carrying (with me)
Nonce can arrange data & offer order guarantees under routing protocols.

*

ICE-SSRTP Block Compressed Encipher

ICE-SSRTP Encryption uses 2 Attributes & on the whole compression does
not affect security of the Encipher.

Nonce 16Bit/32Bit AES/GEA
Compression header (Encrypted)
Main Block (Block compressed with header & then lightly Encipher) (*3 or 4)

The header keeps the Data compressed a secret & is useful for EXE &
DLL because headers auto load exe's in the right order.

Refer to Code-Speed & ICE-SSRTP

*

Correct Time : EEC Elliptic & Nonce timer function:

"The thing about random unique nonce with :dev/rng is that verifying
the nonce's uniqueness is an issue, with SSRTP nonce, Time intrinsics
allow only one play time https://datatracker.ietf.org/doc/rfc8954/

So what about if they have a reset phone & have not got the correct
time ? mine wouldn't do NTP until i set it to pools.ntp.org, the
telephone network would not change the time!"

So the nonce may need a seconds from arrival timer; So that it is from
the time it arrives (in your terms) & additionally a sent and arrival
time so that when you get the correct time; It still works!

In essence TLS & OSCP need a time from arrival (to verify
link/Security CRT), It does not matter if that NTP timer is off by 5
Minutes...

You can use the Time related EEC Elliptic curve & as long as it is
timed from arrival & sends back a sample with a from time & until...

That EEC Elliptic & Nonce will work.

RS

*
TLS key sharing agreement : RS

I have regarded the tls key sharing agreement & it occurs to me that
all modes may be improved with combination of a Nonce-PSK-Type-Key,

For example held by the verifying certificate agency such as lets
encrypt & SafeSSL & Cloudflare,

Submitting a lightly cyphered PSK Key would take milliseconds &
consume only 10000th of a second on GB/S Ethernet & therefor be
unnoticeable  and thus secure for the initiation encounter,

So the proposal is TLS combine an additional initiation:

Changing Nonce:PSK (from secure source)
+ verification
TLS Main initiation : ECDHE FFDHE DHE P256>P384 etcetera (under PSK)

Key exchange > Final EEC Key with variable updates,

So PSK can find a use that does not involve directly divulging the PSK
to over use & secures the PSK by hour & variance.

PSK
https://datatracker.ietf.org/doc/rfc9258/
https://datatracker.ietf.org/group/tls/about/

(c)Rupert S

*

PSK AnonyCRT (c)RS

PSK & AnonySecureCERT & TPM Client CRT & Anonymous Identity Email/Site
Cert Identity (Replace PSK with one of them)

PSK is usable for initial Key exchange if the PSK ID is loaded from
the certificate provider, The cloud Provider or the Source Server; If
the initial PSK is for example 8 Characters sent compressed & encoded
with an Open EEC Certificate that the Browser or application uses....

One may be thinking; what the hell? Well the idea is to provide a list
of PSK's with a time function &or a message count (so the next PSK can
be loaded..

The reasoning is, We can use the PSK from the Client/Server side to
guarantee & Secure sent data,
So essentially if a PSK is regarded as an elliptic curve initiator
code; We can use any EEC we like from a PSK,

We can for example use a certificate-less TLS by initiating 2 PSK per
round (segment of time),
We can check NTP Sync with Time Protocol on send & receive of PSK/CERT/EEC

1 PSK is EEC Curve
2 PSK is CERT HASH (EEC, RSA, AES, PolySHA, GEA)

This provides a time limited window to decode & anonymity.

PSK
AnonySecureCERT
TPM Client CRT
Anonymous Identity Email/Site Cert

The idea being the Server can verify the correct receiver of TDP / UDP
/ DNS / NTP & other internet protocols such as Ethernet routing

Subject: Re: [TLS] I-D Action: draft-ietf-tls-rfc8447bis-02.txt -
Space & Aviation & Shipping & GSM

https://datatracker.ietf.org/doc/draft-mattsson-tls-psk-ke-dont-dont-dont/

I would like to point out that :

PSK_PSK could use Elliptic PSK for PSK1(encapsulation : EEC, AES, GCM)
& PSK as a certificate replacement (the PSK would have to be a
HASH:RSA, AES For example)

There are two fundamental uses for PSK; Voyager is an example (NASA);
Where a long voyage in space does not allow a long range high latency
connection to verify certificate chain & Certificate verification is
not recommended (7Years)!

Shipping Radio and GSM & Global positioning : Open PSK from space

The use of Registered Certificates for these jobs helps; When making a
Sub-Certificate verify depends on reliable certificate verification &
distance counts in Aviation
(can work though but must not verify with an offsite server for secrecy)

Static (Self updated by firmware) Certificates work for the ECDHE_CERT
pairing or the PSK_DHE/ECDHE (certificate) pairing, However
verification on first initiation is Local

(c)Rupert S

*

https://science.n-helix.com/2022/03/ice-ssrtp.html

Code Speed
https://science.n-helix.com/2022/08/simd.html
https://science.n-helix.com/2022/09/ovccans.html

Chaos
https://science.n-helix.com/2022/02/interrupt-entropy.html
https://science.n-helix.com/2022/02/rdseed.html
https://science.n-helix.com/2020/06/cryptoseed.html

sRTP Chaos Nonce: Certificate transactions; TLS & OCSP Security Protocols
https://datatracker.ietf.org/doc/rfc8954/

RSA-PSS
RSASSA-PSS is a probabilistic signature scheme (PSS) with appendix
RSAES-OAEP (Optimal Asymmetric Encryption Padding)

https://www.cryptosys.net/pki/manpki/pki_rsaschemes.html
https://www.rfc-editor.org/rfc/rfc8017
https://www.rfc-editor.org/rfc/rfc5756

PSK:
Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and AES Galois
Counter Mode
https://datatracker.ietf.org/doc/rfc5487/
https://datatracker.ietf.org/doc/rfc8442/
https://datatracker.ietf.org/doc/rfc9258/

Nonce & Plaintext, Token & SequenceID (Bearing in mind that ICE-SSRTP
Nonce is compatible)
https://www.ietf.org/id/draft-howard-gssapi-aead-01.txt

AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption
https://datatracker.ietf.org/doc/rfc8452/

Adding the nonce to GMAC makes GMAC's unique : ICE-ssRTP
https://www.zerotier.com/2019/09/04/aes-gmac-ctr-siv/
https://www.rfc-editor.org/rfc/rfc5297#page-15

AES-GCM SRTP
https://datatracker.ietf.org/doc/rfc7714/
AES-CCM
https://datatracker.ietf.org/doc/rfc6655/

Lightweight Cryptography
https://www.cryptrec.go.jp/report/cryptrec-gl-2003-2016en.pdf
https://www.scitepress.org/papers/2014/49006/49006.pdf

Performance Evaluation Comparison LIGHTWEIGHT CIPHERS NIST LightWeight
Cryptography Requirements
https://scholarworks.calstate.edu/downloads/k0698968b

TLS 1.3 on Lightweight Crypto
https://eprint.iacr.org/2023/095.pdf

Computation of Hilbert class polynomials and modular polynomials from
super-singular elliptic curves
https://eprint.iacr.org/2023/064.pdf

Super-singular Elliptic Curves for ECDHE EEC PQC - Deuring for the
People - Supersingular Elliptic Curves with Prescribed Endomorphism
Ring in General Characteristic - 2023-106
https://eprint.iacr.org/2023/106.pdf

The Security of ChaCha20-Poly1305 in the Multi-user Setting
https://eprint.iacr.org/2023/085.pdf

Verification ECDHE
ECDHE Grotto, framework & C++ library for space- & time-efficient
-party piecewise polynomial 'i.e, spline' evaluation on secrets
additively shared over, Grotto improves on the state-of-the-art
approaches of DCF 2023-108
https://eprint.iacr.org/2023/108.pdf

AES-NI Compatible Ciphers : AES, ARIA, CLEFIA
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-cipher-catalog-01#page-3

CLEFIA : Large size table, Pure function
https://datatracker.ietf.org/doc/html/rfc6114

ARIA : Random is a big+ to anonymity bit 128Bit's of data
https://datatracker.ietf.org/doc/html/rfc5794
ARIA is conformant
https://datatracker.ietf.org/doc/html/rfc6209
ARIA SRTP
https://datatracker.ietf.org/doc/html/rfc8269#page-14

Post Quantum:
Verification of Correctness and Security Properties for CRYSTALS-KYBER
https://eprint.iacr.org/2023/087.pdf

Verification of the (1–δ)-Correctness Proof of CRYSTALS-KYBER with
Number Theoretic Transform
https://eprint.iacr.org/2023/027.pdf

A Practical Template Attack on CRYSTALS-Dilithium
https://eprint.iacr.org/2023/050.pdf

NTRU, Kyber Hardware Acceleration - Gate-Level Masking of Streamlined
NTRU Prime Decapsulation in Hardware 2023-105
https://eprint.iacr.org/2023/105.pdf

Compact TLS 1.3
https://datatracker.ietf.org/doc/draft-ietf-tls-ctls/
DTLS 2023
https://datatracker.ietf.org/doc/draft-ietf-tsvwg-dtls-over-sctp-bis/
TLS 1.2
https://datatracker.ietf.org/doc/rfc5246/

https://datatracker.ietf.org/group/tls/about/
https://blog.cloudflare.com/post-quantum-for-all/

Network Time Protocol Version 4: Protocol and Algorithms Specification
https://datatracker.ietf.org/doc/rfc5905/

https://science.n-helix.com/2022/01/ntp.html

Securing TLS
https://is.gd/SecurityHSM
https://is.gd/WebPKI

Crypto Libraries
https://github.com/miracl/core
https://github.com/jedisct1/libsodium

About Circl library
https://github.com/cloudflare/circl
https://blog.cloudflare.com/inside-geo-key-manager-v2/

FPGA & ASIC Libraries
https://si2.org/open-cell-library/

Model & Create S-Box (AES & ARIA & CLEFIA S-Box Modeling)
AES & ARIA & CLEFIA S-Box Modeling - Advanced Crypto Algorithms -
Modeling for Large S-boxes Oriented to Differential Probabilities and
Linear Correlations (Long Paper) 2023-109
https://eprint.iacr.org/2023/109.pdf

*

AES-SIV & ARIA & CLEFIA the merits of 2023-01 RS

As documentation shows ARIA uses a Random noise input in the encryption,
I believe this is so that it is hard to pick up the signals...
On the other hand it has a max data size of 192bit (AES does not),
I feel that ARIA has merits in WiFi & Telecoms.

CLEFIA has a large data pathway; So could be good for large transfers
& Drive Storage.

As i say : ARIA, The Random element is about Stealth
AES-SIV has merits like AES-GCM, fast and relatively Safe.

RS

*
ICE-SSRTP is relatively simple & involves a Dual Cypher of many classifications
AES, CHACHA20-POLY1305, GEA, 3DES & Other RTP Classifications such as
UDP & TCP & GRE

ICE-SSRTP is useful for:

TV & Satellite encoding & decryption
Messaging applications; Video & Call Encoding
Improved AES, CHACHA20-POLY1305, GEA, 3DES & Other RTP Classifications
such as UDP & TCP & GRE
3G, 4G LTE & 5G Encoding
Radio & Telecoms

*

In terms of lightweight security (Bluetooth ear-buds & other tiny things) :
64Bit AES/3DES/GEA with ICE-SSRTP Nonce makes perfect sense.

In Terms of heavier (in terms of ARM Core Phones & Network-boxes) :

Both the 64Bit Instruction-set & the 32Bit SiMD/NANO + AES-NE +
Advance Crypto Instruction ACI,
96Bit/128Bit AES/3DES/GEA * 3 Packets per nonce ICE-SSRTP

In Terms of larger demands: With 64Bit/128Bit Instruction-set & the
32Bit SiMD/NANO/AVX128Bit+, + AES-NE + Advance Crypto Instruction ACI

96Bit * 5 /128Bit/256Bit/384Bit *3 AES/3DES/GEA * 3 Packets per nonce ICE-SSRTP

*

When it comes to pure security, We are grateful
https://is.gd/SecurityHSM https://is.gd/WebPKI TLS Optimised
https://drive.google.com/file/d/10XL19eGjxdCGj0tK8MULKlgWhHa9_5v9/view?usp=share_link
Ethernet Security
https://drive.google.com/file/d/18LNDcRSbqN7ubEzaO0pCsWaJHX68xCxf/view?usp=share_link

These are the addresses directly of some good ones; DNS & NTP & PTP
2600:c05:3010:50:47::1 2607:fca8:b000:1::3 2607:fca8:b000:1::4
2a06:98c1:54::c12b
142.202.190.19 172.64.36.1 172.64.36.2 38.17.55.196 38.17.55.111

*

#FreeRAND #Proverbs

Random is made to be free, to be as free as a bird, it becomes the
certificate of our freedom
and is cherished as born free, As free as Random is! Born to be free;
But Born forth freely by the angels of our seed.

JN

dev-rnd windows

Nothing like leaching Rand from ubuntu! no not at all! but you can
build pollinate and pollen for windows I would be greatful! thank you
bill gates (as apps because windows update does not work for me & I
built a dev/rnd for windows with a friend from a defence group before
he disappeared!, be a hero bill)

DiHARD This *Random* for your /dev/rnd *file*

Entropy / Chaos for /dev/rnd available whenever you like from
https://pollinate2.n-helix.com/ https://pollinate.n-helix.com/

Constantly active rings

if you do not know about Pollen & Pollinate ubuntu, google it!

https://science.n-helix.com/2018/12/rng.html
https://science.n-helix.com/2017/04/rng-and-random-web.html

https://science.n-helix.com/2020/06/cryptoseed.html
https://science.n-helix.com/2022/02/rdseed.html