Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and COSE
Neil Madden <neil.e.madden@gmail.com> Sat, 13 January 2024 14:33 UTC
Return-Path: <neil.e.madden@gmail.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B60A9C14F6EE; Sat, 13 Jan 2024 06:33:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.202
X-Spam-Level:
X-Spam-Status: No, score=-1.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, MIME_HTML_ONLY_MULTI=0.001, MIME_QP_LONG_LINE=0.001, MPART_ALT_DIFF=0.79, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yOAESJro5cKb; Sat, 13 Jan 2024 06:33:47 -0800 (PST)
Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE9CEC14F6ED; Sat, 13 Jan 2024 06:33:47 -0800 (PST)
Received: by mail-wr1-x435.google.com with SMTP id ffacd0b85a97d-33761776af9so1270825f8f.0; Sat, 13 Jan 2024 06:33:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705156426; x=1705761226; darn=ietf.org; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :content-transfer-encoding:from:from:to:cc:subject:date:message-id :reply-to; bh=o2Or4cVFr6sg+IIM85U1cqI0wS0eOKLQiYYYjMct1Rk=; b=GnXtZHnoxYY9t2GEf8aqnspjUqd0eFygJNL7xe+faXs9lDP7gfeQgyI6CRuLv95t63 LMX8R/VdKYUcIA67h1ntPX0Bx+86DeUCC8ErS9Q7rfoO6aXXzCiOCt8GrW3u5A0Dv/ol pNlmfuo4BqK2RW11ZwSg5N9MNvTGao1vS+hx0hxzZwPTviJO3GlMtNfEUrftlZ3EIftg pTTEyG/8E7ysiSvLkbYuzvfLI6CmwclUGEOxlof5GNs2nAwxo10sqjNbie8ZI4LOiPp1 eQDvzrQz0WXFPuszCv9HbCKj+wyLkuyJhRBsWQGjg8XT3X5uC2tb0itOG6buPTzbtLmN ugUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705156426; x=1705761226; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :content-transfer-encoding:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=o2Or4cVFr6sg+IIM85U1cqI0wS0eOKLQiYYYjMct1Rk=; b=dvvmrp+tIKb/L7FJHZei+2Ou3uLsGf5D/B2+MVXdkmcEWxwvrb9yAir0eFpJ/5zpAx koaD/hxaheQB18nYKivBHD8478pNyY4Ta8iC99ItyU6vfOyqWGEgpfls/Yp3BrhJ6vnW ME0ze/dYe6MVKIrwtGvY7D6MLN7MlPOkoVfsNaVcNb4ybOqkvBcDWglIA0ENduym0eVK KXVnpJgeRyw3ZgRzTGcVIvWR0oOAoyX8I/QZP9gHeeuEzha3zeUeV69jKLKxXC2Cs3Xh TLWUE87eEZIa4nEWRupDIbNPKO6Q+wDYmYEJzR1N7X6R2556+3hf3jDgA/AHLe9Tql51 ZykA==
X-Gm-Message-State: AOJu0Yw7gADNqfP+ZkXFgjeOEW+YoRakffdSwOWL5ioM0MJCplrOyhSY gLfVyoZn4P7QPhKiCSYr2AqVxArvGr8=
X-Google-Smtp-Source: AGHT+IEpzwisNwYavRFyZTPAEt1tdq8+Dn0Wc59bzpFPFMYmXwkSCmkl99/jNdxbygM8r+eWC6OdWw==
X-Received: by 2002:adf:e285:0:b0:337:7598:7f54 with SMTP id v5-20020adfe285000000b0033775987f54mr2789549wri.1.1705156425562; Sat, 13 Jan 2024 06:33:45 -0800 (PST)
Received: from smtpclient.apple (186.75.159.143.dyn.plus.net. [143.159.75.186]) by smtp.gmail.com with ESMTPSA id p19-20020adf9d93000000b003378ea9a7desm6002102wre.33.2024.01.13.06.33.45 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 13 Jan 2024 06:33:45 -0800 (PST)
From: Neil Madden <neil.e.madden@gmail.com>
X-Google-Original-From: Neil Madden <Neil.E.Madden@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail-0D3268DA-3730-499B-9F95-BA01BB8929AD"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)
Date: Sat, 13 Jan 2024 14:33:34 +0000
Message-Id: <1F043FBA-692F-4BD6-958B-1CFAE808E847@gmail.com>
References: <CAN8C-_K6SOv9s1MG9zw5sbc2sqq5AqJ9eX7av_QUW3-XzGZBQQ@mail.gmail.com>
Cc: JOSE WG <jose@ietf.org>, cose <cose@ietf.org>
In-Reply-To: <CAN8C-_K6SOv9s1MG9zw5sbc2sqq5AqJ9eX7av_QUW3-XzGZBQQ@mail.gmail.com>
To: Orie Steele <orie@transmute.industries>
X-Mailer: iPhone Mail (21B101)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/Wdy6DC6g_c40sypTjTsu2gdm080>
Subject: Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and COSE
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Jan 2024 14:33:51 -0000
On 12 Jan 2024, at 22:03, Orie Steele <orie@transmute.industries> wrote:
Hello Post Quantum Enthusiasts,_______________________________________________
We apologize for allowing the drafts to expire, that has now been corrected.
We've published new versions and done a tooling migration to the COSE WG GitHub repository:
- https://github.com/cose-wg/draft-ietf-cose-dilithium" rel="nofollow">https://github.com/cose-wg/draft-ietf-cose-dilithium
- https://github.com/cose-wg/draft-ietf-cose-sphincs-plus" rel="nofollow">https://github.com/cose-wg/draft-ietf-cose-sphincs-plus--
Here is a quick summary of what changed, but of course you can see the full diff in the datatracker.
1. We adjusted the names to reflect FIPS.204 (IPD) and FIPS.205 (IPD)
2. We removed extraneous text on the details of the algorithms, which is better covered in the references noted above.
3. We provided skeletons for examples
We are seeking implementations of ML-DSA and SLH-DSA in order to update the examples sections, with closer to real world data.
We have opted not to migrate Falcon, the parameter sets for sphincs will probably keep us busy for a while.
I'd like to take this opportunity to complain a bit about this part of the FIPS 205 IPD:
" This standard approves 12 parameter sets for use with SLH-DSA. "
I feel this is a mistake, and wonder if there is any opportunity to reduce this to something less than 4x the number defined by ML-DSA.
Even if NIST preserves all 12, we don't have to register all 12 in draft-ietf-cose-sphincs-plus.
... I really don't want to have to generate 12 key pairs and signature examples, especially because a single key pair with the required line breaks is likely to be longer than the entire draft.
Of course, we will do whatever the working group thinks is correct here... what should we do?
Regards,
OS
ORIE STEELE
Chief Technology Officer
www.transmute.industrieshttps://transmute.industries" target="_blank" rel="nofollow">https://ci3.googleusercontent.com/mail-sig/AIorK4xqtkj5psM1dDeDes_mjSsF3ylbEa5EMEQmnz3602cucAIhjLaHod-eVJq0E28BwrivrNSBMBc">
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose
- [COSE] ML-DSA & SLH-DSA for JOSE and COSE Orie Steele
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Neil Madden
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Orie Steele
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Stephen Farrell
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Orie Steele
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Ilari Liusvaara
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Orie Steele
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Simo Sorce
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Ilari Liusvaara