IETF Logo Mail Archive

[CFRG] Re: Progressing NTRUPrime/Classic McEliece drafts

"D. J. Bernstein" <djb@cr.yp.to> Sat, 01 February 2025 21:49 UTC

Return-Path: <djb-dsn2-1406711340.7506@cr.yp.to>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5BBD6C14F713 for <cfrg@ietfa.amsl.com>; Sat, 1 Feb 2025 13:49:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.203
X-Spam-Level:
X-Spam-Status: No, score=-4.203 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4uFPcGalnBbj for <cfrg@ietfa.amsl.com>; Sat, 1 Feb 2025 13:49:07 -0800 (PST)
Received: from salsa.cs.uic.edu (salsa.cs.uic.edu [131.193.32.108]) by ietfa.amsl.com (Postfix) with SMTP id 57F0DC180B7F for <cfrg@irtf.org>; Sat, 1 Feb 2025 13:49:07 -0800 (PST)
Received: (qmail 7565 invoked by uid 1010); 1 Feb 2025 21:49:05 -0000
Received: from unknown (unknown) by unknown with QMTP; 1 Feb 2025 21:49:05 -0000
Received: (qmail 1681595 invoked by uid 1000); 1 Feb 2025 21:48:55 -0000
Date: Sat, 01 Feb 2025 21:48:55 -0000
Message-ID: <20250201214855.1681593.qmail@cr.yp.to>
From: "D. J. Bernstein" <djb@cr.yp.to>
To: cfrg@irtf.org
Mail-Followup-To: cfrg@irtf.org
In-Reply-To: <CABcZeBPhr4gENxWkoKKwqdu_dW3=7GRyKjpG0sf10CSHOXGwhg@mail.gmail.com>
Message-ID-Hash: 5WJRYFY7PI2NYOSQJ2RT6TWZB4LIRRAI
X-Message-ID-Hash: 5WJRYFY7PI2NYOSQJ2RT6TWZB4LIRRAI
X-MailFrom: djb-dsn2-1406711340.7506@cr.yp.to
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-cfrg.irtf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [CFRG] Re: Progressing NTRUPrime/Classic McEliece drafts
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/bNsc0cKHxsThWt3B9aG9FZ9m1SU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Owner: <mailto:cfrg-owner@irtf.org>
List-Post: <mailto:cfrg@irtf.org>
List-Subscribe: <mailto:cfrg-join@irtf.org>
List-Unsubscribe: <mailto:cfrg-leave@irtf.org>

Eric Rescorla writes:
> Simon Josefsson [...] wrote:
> > Defering authority on crypto primitives to NIST is implied by many
> > suggestions made IETF-wide right now.
> i haven't seen anyone suggest that CFRG should not publish its own
> specifications regardless of what NIST does.

Some quotes in 2024 from IETF security-area directors:

    * "CFRG does not analyse or evaluate cryptography itself"
      (https://datatracker.ietf.org/meeting/120/materials/slides-120-saag-cryptography-at-the-ietf)

    * "SEC AD Proposal: Limit publication of crypto RFCs"
      (https://datatracker.ietf.org/meeting/120/materials/slides-120-saag-cryptography-at-the-ietf)

    * "the cryptographic research communities are focusing on NIST
      candidates"
      (https://mailarchive.ietf.org/arch/msg/saag/9e1QheO1L6SVBX3a8mFSij9AgHw/)

    * "Should the IETF really recommend a dropped candidate at this
      stage? I do not think so"
      (https://mailarchive.ietf.org/arch/msg/saag/9e1QheO1L6SVBX3a8mFSij9AgHw/)

The details of the "limit publication" proposal weren't clearly stated,
but included an "outside the IETF" criterion that sounded like it would
eliminate IETF (in the broad sense, including IRTF) as an independent
source of cryptographic standards---presumably rubber-stamping NIST's
decisions instead, as one sees in the last link.

---D. J. Bernstein

v2.29.0 | Report a Bug | By Email | System Status