IETF Logo Mail Archive

Re: [CFRG] Classic McEliece

Peter C <Peter.C@ncsc.gov.uk> Sun, 15 October 2023 12:11 UTC

Return-Path: <Peter.C@ncsc.gov.uk>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07045C14CF1D for <cfrg@ietfa.amsl.com>; Sun, 15 Oct 2023 05:11:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.108
X-Spam-Level:
X-Spam-Status: No, score=-3.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_GOV_DKIM_AU=-0.999, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ncsc.gov.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hMnViiyhIepp for <cfrg@ietfa.amsl.com>; Sun, 15 Oct 2023 05:11:42 -0700 (PDT)
Received: from GBR01-LO4-obe.outbound.protection.outlook.com (mail-lo4gbr01on2096.outbound.protection.outlook.com [40.107.122.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30ECBC14CF0D for <cfrg@ietf.org>; Sun, 15 Oct 2023 05:11:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LAMFZ/0mJ8bLnSr2pXZyRv8Gs4TCloUeGSDwyiRLW0Nh1f5TiJHZ50aOLuMPyloQEHMlj9zlE8tMSqbsI3CmvW+NIRckw2Ctd8ZT6/2HqCTHBEivMnpkzfCCKYwDNySZwe8GAZFcLjGMHgqwlTSOon0CglpUTNO8QtvOCH8YM0aeT8sjVLX0PGWRZ1gMaylEZ7EbdOnuRhlt7jOhXrWdnwac5rMW5T2m1h0B/u5XH/tmzZwUpV3xgLvRVg7VfIaMHScilcQWPIAtLf78k/I4j93ydG0m5snADq1ZeIX72iaRvVaYpIQCAHxVOmyv9y92QDzX1KydYeZAmduT2KjC2A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=6iWy9aqVMKEO5z/1ISKNa2pa335QDOmWNMUjULVKEB4=; b=QmyuDbPZKv4ip7yrSE4XYvU8IqnSKUzFue+rKWZDrEZPr5DInk3KXzi1KAcbQjRGTYhPhfmTPzAdMyBL46G0GhJ0qhrog27vroyxXo8GkIZMuxUflBQVgQbDShJ9Mv8d8MQdSgxGNrGX0GZz1vZ12vR+6GKDXnAhskKb7zrykUeIv2qCevw36ca6IxTpUI4LZHPUR/tmaeDBAJg2Sw+agnn2oxBbTqRJKswatWuW8GRYkz8nZCoJIZ2Z/SxXR/h2epSboCsmMmF2+vntW9I9W2ootQ93nTDOLbHag/Lly0bHQ6Uk7rv7ZDAH0PSxG9+RSP22e68Z2cpCStjCRxreXA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ncsc.gov.uk; dmarc=pass action=none header.from=ncsc.gov.uk; dkim=pass header.d=ncsc.gov.uk; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ncsc.gov.uk; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6iWy9aqVMKEO5z/1ISKNa2pa335QDOmWNMUjULVKEB4=; b=nZ68ocdWxdu0eamm1UnH5h7Xdo6od6gzeDC0kaGJ2KB0hFH0zgCHssARUcwgwtuDOvtb6pZ16WVAJDYBWPVlQseoMJdYWmnj/P6ymxsG6gNAoKR2BRtYKFoXkQRuNsf1JoJhqenxVqJoRCZDNljsLJDv4YLroqnShXd7qJCYfxEKRus1EdDWBA0nwaD7w+b/iFaiYF2mJ3Y3pVvLKNmF0S/rMSL6CfFRDRUve4MWxkR5smKNj0vEoeF9O1c9Q9oJrln7jeKy/Rkcrw2YrAH8jKeXwagc3ul/fJaII+8Ek2KIjG4TqdFQRzuZXBC5Qk5EnNTIyeET71n2zN7l+c5Qpw==
Received: from LO2P123MB4927.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:1e3::6) by LO6P123MB6953.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:2dc::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.46; Sun, 15 Oct 2023 12:11:38 +0000
Received: from LO2P123MB4927.GBRP123.PROD.OUTLOOK.COM ([fe80::dd0d:1a2d:9aa9:1efd]) by LO2P123MB4927.GBRP123.PROD.OUTLOOK.COM ([fe80::dd0d:1a2d:9aa9:1efd%5]) with mapi id 15.20.6886.034; Sun, 15 Oct 2023 12:11:32 +0000
From: Peter C <Peter.C@ncsc.gov.uk>
To: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>, "cfrg@ietf.org" <cfrg@ietf.org>
Thread-Topic: [CFRG] Classic McEliece
Thread-Index: AQHZ/0jWlIadzSEFpEGfAJroo5s5a7BKmDGAgAAl9nA=
Date: Sun, 15 Oct 2023 12:11:32 +0000
Message-ID: <LO2P123MB4927E0632FF8C7D5C2292188BCD0A@LO2P123MB4927.GBRP123.PROD.OUTLOOK.COM>
References: <877cno8cqv.fsf@kaka.sjd.se> <GVXPR07MB9678F2569BE63DF25C0126CA89D0A@GVXPR07MB9678.eurprd07.prod.outlook.com>
In-Reply-To: <GVXPR07MB9678F2569BE63DF25C0126CA89D0A@GVXPR07MB9678.eurprd07.prod.outlook.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ncsc.gov.uk;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: LO2P123MB4927:EE_|LO6P123MB6953:EE_
x-ms-office365-filtering-correlation-id: 6dfd0d4e-5861-4525-d71d-08dbcd77ded1
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Z3NQ5ndjXYVNo7HcvUEzVt1JkXQtRyJtLlMyuEZQS2Qpou2XlY67c5gtSxQ1liH7Nu1MD/iyItM21okPbUDOl3EJ0Wdpp2y6US7T/+KjnZTtJRA7QbypH/Os3YLl3r4TzDroLwkdqawAolLl8t5EJMRcAhkcjwmiTAZ7Ubn6aZa6OuMtD9RZ3BteM+mv5vUKYwYce50dLZAebv9lMOuCDhPpG0Ds9fWzCo6Hsh/WtLlGw9S8CQqZ386gz2KSubicNYagi5R8N+MvlCXrWRCu3Bfb58BTxL9YPbdLpFZ0ZdQN0pRTLmRqW4mQeE2XbV0CG7WcpO401IYZAqI7r1a8gS0CDy4AEzcX6C1vnBKSwnjbyVABJ7ulatihOw/joNiGco2MRl9yjdhump7XMFB/coY51YybqL+ptSWdYiqZijaOOVboqTO4AWfENH1bai/a5CPldbyYqQpjXF7xSvFIgjj8EYvWyXsad8PRCgLm3o3ulooTZRLozXCfGZf54LyvTPHT/isJ9ixgiQnAUeDqPJy6XZbNcwWP8Ai7HNDovOnWls1sw+3TCOuMYvTCdQUE8KfCf4SrRixokG8SnZBUlfSaGj39+3bNpkySmsYwDJ8=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:LO2P123MB4927.GBRP123.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(6029001)(396003)(346002)(39840400004)(136003)(366004)(376002)(230922051799003)(64100799003)(451199024)(186009)(1800799009)(52536014)(64756008)(76116006)(66446008)(66476007)(66946007)(5660300002)(55016003)(66899024)(316002)(66556008)(110136005)(2906002)(33656002)(166002)(8936002)(8676002)(41300700001)(83380400001)(82960400001)(26005)(38100700002)(38070700005)(478600001)(66574015)(122000001)(9686003)(966005)(53546011)(71200400001)(6506007)(86362001)(7696005); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: RYE8gdEiGA4OtaDH9wK4Da6gJ++mjn+BJueaYdO+jdp3RFUwErArmf9Ti3wlidHuFMye5nYM7m5mA9KeNzIgUWao/1/CjjazTTM2tuZ15g2f3csiZvt5x8SjqsgQbyousGXO1uNnNha8bwf3RCxP52S6BBRDYTyUJW5+Q4ikg+/VKg54CNhQPW8sqLgCyQmt1GMz0jI6eVKaTH9FXbsmyO5Q/d31RMuMADiU7+aFUiIVj8UVzLp96+ihIIHftTWAbmFo7KHKzufj9Xjczvzk6C6e8YT0ip6/PGxCypjhodve04tX2dH5B9I3TTeKl3/y06OXOJ7vPFuvf46AmG4LsP7iOP/QVmao6mibf/CS6Mce6ZXozqCf+36YZu80p4LTNDfEi+pOGxWfKV3lOwaSFOBWwT65ecO3feWRLpbTgu3th3HP//gWEnGpoEIRlTEYiysBLQ7/ZWzQhtCzlGCzhvT2bsP5up3gN9Rh+KyJ2YOCRm//bmGwWElBasF63UWlyo7YVGmNaxF2mjYEM2GqYXDlilb7o25JqO7QUX+eg80jzfzi4tVJUophg3ch+sw4EMRkizJ6uIefdXpfR0hwYRUf044azfOYoLwyIu0tQGzLEGIV4WiCJInpvoCFdc91K2HYGTkTplOEYVntajcZU8iMKwILQd6hxbydQVQ2ExQpgmAHjI6W3CXT3wUZrISBdkjK+vgKXr0Zcr8u6oYgRnMK9albhFoa5mgHMFWAb79Tpiutp7bELKax+ymBsJ3qgvoVawd/DA4XRjaZnFfnWc6zudvnx6e6FU/q51qQvEI8XCGLvbZ9aoRDeHkdHWIfPA37k3JdX9OCw7NYTNIIbE1HHIc4ZxKWle+W1+IV6vV1eiQ/Z5X6IRfILEP21zhnfgc06cjAcOMtCx/q6x6k7YN73E0wpg2vE/Ks3t7Ue8kMD5QHs07r+rXwuhrZaKv9wTKUmKZTM0JJbYyMHnRNE6KUUSjlAVIz5HqYSP76yqndGKPU7N7ULGVPr55meG7+WoAP036ilmivujWWfhxVSXaPQAYs1tlIRu4MUM2XgbZc6Jz23r88LbBmFTjNMods54uJSJ5kUvW8sZADiJ82Al3sDG9p3cnVRBDy3Me2cA+8BKL6OXsjB30Eb0CyQJ9dqxiWXt6sSu7z2iLhQdINiqa7v0eTtWeEWLgknbF6qAU+doKJUKBEqh1SkCNh12RcHp8Gm8Xnc68QshcBe07ruF+e8ycpivk7lL7EoCoEG75Gzt0rVGG+e8zLLzE26iKs9zpdAcdP+68n9WThBP3lfwHOsihm0TjguE+Yrgs+gIk/N6xGPhmcm9ctQv+lCh8TxivFCt4C0lXuaMIZdRXBuLtZbbRp/X0ct/PYa9q439JtJjowyMR0d6zUF3PL1NiAX8XnTLXTH5NfpMBs7q/uo6EUzgv56GDd9O8HPUBNxItbvX9KTWkrr/TqPV7vjaYj+PoZtHh4sNOMWgzQ104D9ugsACDUYSL0l3TxeWtm6StegBEUjaYwtRneBBL553/T35iprmHXDR/9uE/6QVZ4GjwrUfCnZxHSE95d/8DppfyynwnoDpjvlj03WzltjKeS
Content-Type: multipart/alternative; boundary="_000_LO2P123MB4927E0632FF8C7D5C2292188BCD0ALO2P123MB4927GBRP_"
MIME-Version: 1.0
X-OriginatorOrg: ncsc.gov.uk
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: LO2P123MB4927.GBRP123.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 6dfd0d4e-5861-4525-d71d-08dbcd77ded1
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Oct 2023 12:11:32.5668 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 14aa5744-ece1-474e-a2d7-34f46dda64a1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: OKmiClMwgVvkM7bOUfufh4g/dEPbgURej60ClsQD7ze+XMUIE2aLuUgmHOp2MPEWd3GcXTn/FjJGMmdlcW9jOg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO6P123MB6953
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/m07j-Gsrb6KWyQxNSKkdSxSiu8M>
Subject: Re: [CFRG] Classic McEliece
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Oct 2023 12:11:47 -0000

Almost the entire content of draft-josefsson-mceliece is taken verbatim from the first working draft of ISO/IEC 18033-2/AMD2.  There is a prominent copyright notice on the WD warning against reproducing any part of the document without prior written permission.  The scheme may be owned by the Classic McEliece submission team, but the text of the WD is not.

If the CRFG wants a specification to use as an alternative to an ISO standard, this is not the way to go about it.

Peter

From: CFRG <cfrg-bounces@irtf.org> On Behalf Of John Mattsson
Sent: Sunday, October 15, 2023 10:39 AM
To: Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>; cfrg@ietf.org
Subject: Re: [CFRG] Classic McEliece

Hi,

I agree that Classic McElice should be standardized somewhere. There seems to be significant interest in having a more conservative KEM than ML-KEM. Even if I personally think Curve25519+ML-KEM is conservative enough for most use cases.

ISO standards are paywalled which goes completely against the values of the Internet community.  I think ISO security standards are completely unusable. Secret and paywalled algorithms should not be seen as acceptable anymore. Paywalled algorithm standards means that much fewer security researchers has access to them. This is both a security and a trust problem. There are also many examples were implementations use publicly available material instead of paywalled standards which creates both interoperability and security problems. Now in 2023 there have been several court verdicts in the EU and US stating that all technical standards referenced by laws must be freely available. I think cryptographers should boycott ISO.

NIST said this week that they are planning to standardize 1-2 of the code-based KEMs of which Classic McElice is one. The other two candidates are BIKE and HQC. It therefore seems quite likely that NIST will standardize Classic McElice. I think CFRG should wait on NIST standardization. If NIST choses to standardize Classic McElice, I don't think a CFRG specification is needed.

If NIST choses to not standardize Classic McElice and a paywalled ISO standard is the only reference, I think a CFRG specification is the way to go.

Cheers,
John

From: CFRG <cfrg-bounces@irtf.org> on behalf of Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>
Date: Sunday, 15 October 2023 at 11:20
To: cfrg@ietf.org <cfrg@ietf.org>
Subject: [CFRG] Classic McEliece
Hi

Here is a starting point to describe Classic McEliece as an IETF draft,
based on the proposed Classic McEliece ISO draft:

https://datatracker.ietf.org/doc/html/draft-josefsson-mceliece

All non-editorial feedback should preferrably go upstream to the Classic
McEliece team, but you are welcome to give feedback in the issue
tracker: https://gitlab.com/jas/ietf-mceliece

/Simon

v2.37.1 | Report a Bug | By Email | System Status