
Show HN: Proposal for a new 3-pass protocol - 19eightyfour
https://github.com/dosaygo-coder-0/dosy3ppq
======
19eightyfour
For background on 3-pass protocols, see [1].

This could have some holes, so I'm putting it out there to see if anyone can
poke some in it, or to see if it can stand up. It's flexible enough that it
can encompass a family of ways of doing this -- but I'll consider it defeated
if there's a fundamental flaw with the central idea of using AONTs to confound
adversaries' attacks. My plan with this is, if it does work out, not to patent
it, but just to implement it securely under an MIT license.

[1]: https://en.wikipedia.org/wiki/Three-pass_protocol

~~~
19eightyfour
I currently consider this broken since, as it turns out, XOR and permutation do
not commute with each other, and anyway getting them to do so requires
knowledge of the secrets to be transmitted in a way over the channel that lets
attacks recover them.

The need for XOR can be removed, but then each half of the AONT(message) is
exposed. I couldn't see a way around this. So even though I'm sure there is a
way to construct a secret-exchange-over-an-insecure-channel mechanism (probably
using 3 passes), I do not see it right now.
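The following is an added worked example, not the poster's code and not from the dosy3ppq repository. It checks the commutation point made in the comment above (a byte permutation and XOR with a key only commute when the permutation fixes the key), shows the textbook reason a commuting cipher alone is not enough (the one-time-pad three-pass from the linked Wikipedia article leaks the message to an eavesdropper), and contrasts both with Shamir's exponentiation three-pass, which commutes and does not leak. The prime, the sample messages and keys are constructed toy inputs; `pow(a, -1, n)` assumes Python 3.8 or later.

```python
import math
import secrets

# --- 1. XOR and a byte permutation do not commute in general ----------------

def apply_perm(perm, data):
    """Permute bytes: output[i] = data[perm[i]]. perm must be a permutation."""
    assert sorted(perm) == list(range(len(data)))
    return bytes(data[j] for j in perm)

def xor_bytes(a, b):
    assert len(a) == len(b)
    return bytes(x ^ y for x, y in zip(a, b))

def xor_perm_commute(perm, key, msg):
    """True iff P(M xor K) == P(M) xor K for this perm, key and message.

    P is linear over XOR, so P(M xor K) == P(M) xor P(K).  The two orders
    therefore agree exactly when P(K) == K: the key must be a fixed point
    of the permutation.  Any key the permutation moves breaks commutation.
    """
    left = apply_perm(perm, xor_bytes(msg, key))
    right = xor_bytes(apply_perm(perm, msg), key)
    return left == right

# --- 2. A commuting cipher alone is not enough: XOR three-pass leaks M ------

def xor_three_pass(msg, ka, kb):
    """Naive one-time-pad three-pass.  Returns the three wire messages and
    what Bob recovers.  ka is Alice's pad, kb is Bob's pad."""
    c1 = xor_bytes(msg, ka)   # Alice -> Bob:   M ^ ka
    c2 = xor_bytes(c1, kb)    # Bob -> Alice:   M ^ ka ^ kb
    c3 = xor_bytes(c2, ka)    # Alice -> Bob:   M ^ kb  (Alice strips ka)
    bob = xor_bytes(c3, kb)   # Bob strips kb:  M
    return c1, c2, c3, bob

def eve_xor_three_pass(c1, c2, c3):
    """Eavesdropper: c1 ^ c2 ^ c3 == (M^ka) ^ (M^ka^kb) ^ (M^kb) == M."""
    return xor_bytes(xor_bytes(c1, c2), c3)

# --- 3. Shamir three-pass: exponentiation mod p commutes and does not leak --

P = 2**127 - 1  # Mersenne prime M127; a constructed toy size, not production

def make_exponent(p):
    """Random exponent e with gcd(e, p-1) == 1, so e is invertible mod p-1."""
    while True:
        e = 2 + secrets.randbelow(p - 3)
        if math.gcd(e, p - 1) == 1:
            return e

def modexp_commutes(m, a, b, p):
    """(m^a)^b == (m^b)^a mod p: the property the three-pass protocol needs."""
    return pow(pow(m, a, p), b, p) == pow(pow(m, b, p), a, p)

def shamir_three_pass(m, p=P, a=None, b=None):
    """Shamir's three-pass over Z_p^*.  m must satisfy 0 < m < p.
    Returns the three wire values and what Bob recovers."""
    assert 0 < m < p
    a = make_exponent(p) if a is None else a
    b = make_exponent(p) if b is None else b
    a_inv = pow(a, -1, p - 1)   # Alice's unlocking exponent
    b_inv = pow(b, -1, p - 1)   # Bob's unlocking exponent
    c1 = pow(m, a, p)           # Alice -> Bob
    c2 = pow(c1, b, p)          # Bob -> Alice
    c3 = pow(c2, a_inv, p)      # Alice -> Bob (removes a, leaves b)
    bob = pow(c3, b_inv, p)     # Bob removes b
    return c1, c2, c3, bob

def message_to_int(msg):
    """Encode a short byte string as an integer below P (toy encoding)."""
    m = int.from_bytes(msg, "big")
    assert 0 < m < P, "message too long for this toy prime"
    return m

if __name__ == "__main__":
    print("perm/XOR commute with moved key:", xor_perm_commute([1, 0], b"\x01\x02", b"\x00\x00"))
    print("perm/XOR commute with fixed key:", xor_perm_commute([1, 0], b"\x05\x05", b"\x00\x00"))
    c1, c2, c3, bob = xor_three_pass(b"hi", b"\x11\x22", b"\x33\x44")
    print("XOR three-pass: Bob got", bob, "Eve got", eve_xor_three_pass(c1, c2, c3))
    m = message_to_int(b"hello")
    print("Shamir three-pass recovers m:", shamir_three_pass(m)[3] == m)
```

The eavesdropper in part 2 needs nothing but the three wire messages, which is why the linked article treats the XOR variant as insecure; the exponentiation variant in part 3 commutes for every pair of exponents, which is exactly what the XOR-plus-permutation construction lacks.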

