[CFRG] Pre-draft QSC Key Serialization and Identification

Christine van Vredendaal <cvvrede@gmail.com> Sat, 03 July 2021 08:52 UTC

Return-Path: <cvvrede@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 3B9C83A21ED for <cfrg@ietfa.amsl.com>; Sat, 3 Jul 2021 01:52:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id AFRxMbLrx27J for <cfrg@ietfa.amsl.com>; Sat, 3 Jul 2021 01:52:07 -0700 (PDT)
Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 172363A21EB for <cfrg@irtf.org>; Sat, 3 Jul 2021 01:52:06 -0700 (PDT)
Received: by mail-ed1-x534.google.com with SMTP id w17so16512451edd.10 for <cfrg@irtf.org>; Sat, 03 Jul 2021 01:52:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=vyEHVU4lX9bPFAt72kb2MAsU7CUzQVcqc0XRpfVxuUc=; b=Bd7ZhUJ1NVxuegISNACUydGiQPYe4+gZR71eqAKeM0lHi7Hq1cbjlLfBgqGOV50wod dz3C35OzxLYnsqiG1bQcswXueecRTA1m82uxBOYkaljsd7N0UWmVU8WvuMc6GTC0qFUn Qoby5anOKetjnsjR6mq9wvxb0P3BoEuDLL48ZppcVMqCd3AZFIyvL/ETQXRRu7nSLPAn DdSunM/Ow0+bNIuHXEJw9l/EIzUTc4xK57d0/cpftzLO0Oi4QOQ83sRxWWb7qHtwia3o wy3y+vNfN5GkePrwfhYTmlnCcpxoJtmxNc/f5dwiOBasmH23GzNXcIcTw84mWGCHiDqk jHUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=vyEHVU4lX9bPFAt72kb2MAsU7CUzQVcqc0XRpfVxuUc=; b=HFnStWiFzfBiNr/MGICH9GJ/3T+AmOdV9M9r5/PE7yY7TFaPwG0lH5ah04QR+e1eE9 eBNCZKcvpgaO0El2UFUgdTjgCp3s3yaLlWQ6Cag0GGPhTT+Wg1Crj3MrcsEeU5wtU6qZ X98Y12ZsdF6iiTPoWk4jdcBbQcFdT5jkDGaHV686jiRFUnfdk9oag+0FUW17WXDxEZ1Y 7Alo0TVLPRo1YAXTyBuLdE0O1221QubJRn+4/qPH4Swy0YrndjN9vJ0DEsGkg3hTeTNW hU79Rw0XzPLRBg2A70uWwUwREMzO0tVBKWUCgWSLf26yFF5TWiC58XCOZrOaU+kiDv/W lcNQ==
X-Gm-Message-State: AOAM533/BRBHoAzXvRr/XnpSzeVSYBfOifZ6eEY8LM1arYSKrr3Y+CGy +npkhwUCX7YHhHdVJnyLUVqlp/ibhUxmtXWGJ6ZX3/wNxTS33A==
X-Google-Smtp-Source: ABdhPJxm0MRIvUI5FikDhU80v5Jpg2ux+fJLzFjtCwLxtcOU7NYgHk971AbPPacKfQmTmDgA+xXmuIPkmhFukUT+li0=
X-Received: by 2002:aa7:c782:: with SMTP id n2mr4188141eds.77.1625302323657; Sat, 03 Jul 2021 01:52:03 -0700 (PDT)
MIME-Version: 1.0
From: Christine van Vredendaal <cvvrede@gmail.com>
Date: Sat, 03 Jul 2021 10:51:51 +0200
Message-ID: <CAHzQBQWTidvmXgYXrJ2wmswj29aNSkEt-efVcta70zreRFUQFw@mail.gmail.com>
To: cfrg@irtf.org
Content-Type: multipart/alternative; boundary="000000000000a77ea405c6342f02"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/WDDvnW1ope9Nw5coqzAEbnj6SbE>
Subject: [CFRG] Pre-draft QSC Key Serialization and Identification
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Jul 2021 08:52:09 -0000

Hello all,

We (folks from NXP, IBM and Utimaco) have been working on a draft
specifying key serializations and OIDs for quantum-safe cryptography to
already start to prepare for the upcoming new public-key standard.

We would like to share this with this community for feedback and
recommendations and also to see if CFRG is the right venue.

At the moment this is a pre-draft in the sense that it is not in an IETF
format yet, but all the content is there.
You can find the link to a comment-only Google Docs version here

The abstract of the document is as follows:

With the NIST standardization effort still in full swing, companies
implementing post-quantum cryptography now are running into multiple
issues, such as:

   1. Difficulty in managing algorithm versions and the compatibility of
   associated keys
   2. Difficulty in interoperability testing
   3. Difficulty in evaluating the impact of integrating algorithms with
   higher level standards

These difficulties result in delay of many follow-up activities for
algorithm integration and adoption.

The document `Quantum Safe Key Identification and Serialization’ specifies
the key formats of selected quantum safe algorithms, to hopefully resolve
some of these interoperability issues.

Additionally it should serve to make choices in future standard clear and
prevent delays in adaption.

To this end the document contains parameter identifiers for the Round 3
finalist parameter sets (specific OIDs in some cases to be added), as well
as key descriptions, byte sizes, and their ASN.1 formatting.

Open items that we would consider still adding (opinions are welcome) are
the addition of CBOR formats, and the serialization of signatures and

We also note that the current OIDs are not useable or filled in yet. We are
investigating adding temporary OIDs, and in the end permanent OIDs should
be assigned by NIST upon standardization of a set of algorithms.

*(Current) authors: *Dieter Bong (Utimaco), Joppe Bos (NXP), Silvio Dragone
(IBM), Basil Hess (IBM), Christopher Meyer (Utimaco), Mike Osborne (IBM),
Christine van Vredendaal (NXP), Karen Willbrand (Utimaco)

Looking forward to your thoughts and suggestions,

Cheers on behalf of the team,