Paper 2019/180

Disco: Modern Session Encryption

David Wong


At Real World Crypto 2017, Joan Daemen won the Levchin Prize and announced that he believed permutation-based crypto was the future of symmetric cryptography. At the same conference Mike Hamburg introduced Strobe, a symmetric protocol framework capable of protecting sessions as well as building symmetric cryptographic primitives for the single cost of Joan Daemen’s permutation Keccak. The next year, at Real World Crypto 2018 Trevor Perrin came to talk about the Noise protocol framework, a modern TLS-like protocol with similar traits but with a focus on flexibility, offering many handshake patterns to choose from in order to authenticate peers of a connection in different ways. Disco is the natural merge of the two projects, creating a new protocol based solely on two unique primitives: Curve25519 and the Keccak permutation (or more correctly its wrapper Strobe). Experimental results show that a library based on Disco can be implemented on top of these two cryptographic primitives with only a thousand lines of code. This, while offering both a flexible way to encryption sessions and a complete cryptographic library for all of an application’s needs.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Session EncryptionEmbedded DevicesSHA-3KeccakDu- plex constructionPermutation-Based CryptographyStrobeNoisePro- tocol FrameworkDiscoSSLTLS
Contact author(s)
davidwong crypto @ gmail con
2019-02-26: received
Short URL
Creative Commons Attribution


      author = {David Wong},
      title = {Disco: Modern Session Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2019/180},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.