IETF Logo Mail Archive

Re: [COSE] [jose] Fwd: New Version Notification for draft-reddy-cose-jose-pqc-kem-00.txt

tirumal reddy <kondtir@gmail.com> Wed, 06 March 2024 05:58 UTC

Return-Path: <kondtir@gmail.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB97FC151075; Tue, 5 Mar 2024 21:58:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MC650RIMJbGQ; Tue, 5 Mar 2024 21:58:12 -0800 (PST)
Received: from mail-lf1-x12c.google.com (mail-lf1-x12c.google.com [IPv6:2a00:1450:4864:20::12c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DCAFDC14F615; Tue, 5 Mar 2024 21:58:11 -0800 (PST)
Received: by mail-lf1-x12c.google.com with SMTP id 2adb3069b0e04-5135a419ac5so258771e87.1; Tue, 05 Mar 2024 21:58:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709704689; x=1710309489; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=oQ2XloW+8a2eIldkyHpAjpJ/7FRS+pMOkjpMJW+ZPFk=; b=jPn+jIO1SYC6BNQvMtpdUGb+ixQzBBM6cCSohK0CIl/rSORAhfVM1HVJsTHZBQ4nvN nAPFA6GGcYX1XwF5NOrqYvM8Zcj7innMqkHwtIGVbW7NFDbb7Mx95rx2+gBi4bB2Cq0D rb+N8Sduo5lYC1HjQO/RF5NRRlyu54HD3swGeLe/GTo5BrMJP17ihbKKR1VqOHzKAQzh BLz14ULo05WRHGk1k71UkiTnykUguzPT9XsWxzFnPjmzsojYxu2CP97lHR6dxAb/ob4q TPTL00jamD8+njYL5/fP/mS1E/UiSvWyTsqSP1hoRIOa8hFpF8ZFtVTwLQmrs2hA8+mJ 0AGA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709704689; x=1710309489; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=oQ2XloW+8a2eIldkyHpAjpJ/7FRS+pMOkjpMJW+ZPFk=; b=GrRfeZGjTpC5C9Uv2SRaK+RoSxlTiFeGpJZhJ161YUkb4EefCfjs7Vgd6V5y36aPpj eVr3jyH1rTNAytEKxjnBiybIUYEOOTZLOtslzMUjw5+X/o09/YLZnTr2dpNWl5o8r1/5 eJMAhqBD8yWa+oVOsQwlnTMEfQwFhOC5GVFIGeoNOqUSqqXz0O0q33LjQxVafrJpNIsw aFL9E033vt8mpanONqEeiD3OgX8sDrgrtBJeVILT9++USLcRxksZXl9do4Bs2YrfASbw XVsw1pRQPURtPT5EEgpBEWrrciuM/9+Gt/k1XTBPrDv6gOjIBnXTe3R9ZjOgAdjzgLpN IlsQ==
X-Forwarded-Encrypted: i=1; AJvYcCUK7R3MnHaQPz3UXyGzzML3hSknaO9VjPF/94cPsF36NkMG3g/jvHOSQynIf2x8o4u8Vnr2ZSr6JRMu6jBp
X-Gm-Message-State: AOJu0Yw9e+5MWb6WwYCm2GPk+FwhoT1HazO3Bx1J+TcjkEkPNdHs37wB HrfhjnQhbO3+qcTJG6Q7+2VY9oi1B+11Tjq2fsmk6ndQKa1tiUTwUYuEnQ4+su1UxtzNvl7JNQC qnkS0dLdrZ44ZoYJvD2AeFMawKCiPVeq7U9g=
X-Google-Smtp-Source: AGHT+IHyfi4w3hrCkCFO5p2DreAXBv/JKAjD0E1k/ygHtc7bxkhYS/hlsp4JaI6yDTYPDxUVWH8t16EdCT+6SmKNlQs=
X-Received: by 2002:a05:6512:214a:b0:513:2cf8:8a19 with SMTP id s10-20020a056512214a00b005132cf88a19mr1156677lfr.5.1709704689410; Tue, 05 Mar 2024 21:58:09 -0800 (PST)
MIME-Version: 1.0
References: <170944215832.65165.15558599263256086018@ietfa.amsl.com> <CAFpG3gdGiw2wap8C1H+AOWvEn1ewSjmtBmghKKAvNBmXnDmoYg@mail.gmail.com> <CAN8C-_KZifohssn3WoZa6Qn3QMeh0YMya6c8RGa1ZieWgRY9=A@mail.gmail.com>
In-Reply-To: <CAN8C-_KZifohssn3WoZa6Qn3QMeh0YMya6c8RGa1ZieWgRY9=A@mail.gmail.com>
From: tirumal reddy <kondtir@gmail.com>
Date: Wed, 06 Mar 2024 11:27:32 +0530
Message-ID: <CAFpG3gcu2DDfQYjoRWpaoEoDxbsYGw_2MhMNLM0KDVr-6PM7=Q@mail.gmail.com>
To: Orie Steele <orie@transmute.industries>
Cc: cose <cose@ietf.org>, JOSE WG <jose@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000aef01c0612f7a4f6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/mVWXCRvLx7IfsOqXBmSW0b3YPRE>
Subject: Re: [COSE] [jose] Fwd: New Version Notification for draft-reddy-cose-jose-pqc-kem-00.txt
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Mar 2024 05:58:15 -0000

Hi Orie,

Thanks for the review. Please see inline

On Tue, 5 Mar 2024 at 19:02, Orie Steele <orie@transmute.industries> wrote:

> Draft looks very familiar after have spent so much time with HPKE.
>
> And it would be nice to have at least one pq encryption suite on track for
> standardization.
>
> Having different direct mode alg values for ML-KEM and HPKE that are both
> basically telling you to look an enc... Is wasting registry space.
>
> alg: dir, is sufficient.
>
> The documents that register the new enc modes can explain why.
>
> I think it would be better to see ML-KEM suites in HPKE, instead of seeing
> duplicates.
>
> There will also be different security issues, without the HPKE context and
> key commiting, etc...
>
> There will be worse interop with 2 ways to do the same things.
>
> With hydrids on the horizon... it's a mistake to register hydrids twice...
> Once for HPKE and once for standalone.
>
> I think we should use HPKE until there is reason not to use it.
>
> Is this draft motivated by implementers who could not use HPKE?
>

HPKE supports X25519Kyber768Draft00, a hybrid scheme that combines both
traditional and PQC KEM algorithms. This hybrid scheme for confidentiality
serves as a transitional approach, paving the path for a future migration
to PQC KEM algorithms. For more details, refer to
https://datatracker.ietf.org/doc/html/draft-ietf-pquip-pqc-engineers-03#section-14.
Other protocols like IPSEC are also discussing the use of PQC KEM
algorithms.

-Tiru


>
> Are there critical use cases that multiple vendors need to support that
> only work without using HPKE?
>
> OS
>
> On Tue, Mar 5, 2024, 5:34 AM tirumal reddy <kondtir@gmail.com> wrote:
>
>> We have published a new draft
>> https://www.ietf.org/archive/id/draft-reddy-cose-jose-pqc-kem-00.html,
>> that describes the conventions for using Post-Quantum Key Encapsulation
>> Mechanisms (PQ-KEMs) within JOSE and COSE.  Although this mechanism could
>> be used with any PQ-KEM, this document focuses on Module-Lattice-based Key
>> Encapsulation Mechanisms (ML-KEMs).
>>
>> Comments and Suggestions are welcome.
>>
>> -Tiru
>>
>> ---------- Forwarded message ---------
>> From: <internet-drafts@ietf.org>
>> Date: Sun, 3 Mar 2024 at 10:32
>> Subject: New Version Notification for draft-reddy-cose-jose-pqc-kem-00.txt
>> To: Tirumaleswar Reddy.K <kondtir@gmail.com>, Aritra Banerjee <
>> aritra.banerjee@nokia.com>, Hannes Tschofenig <Hannes.Tschofenig@gmx.net>,
>> Hannes Tschofenig <hannes.tschofenig@gmx.net>
>>
>>
>> A new version of Internet-Draft draft-reddy-cose-jose-pqc-kem-00.txt has
>> been
>> successfully submitted by Tirumaleswar Reddy and posted to the
>> IETF repository.
>>
>> Name:     draft-reddy-cose-jose-pqc-kem
>> Revision: 00
>> Title:    Post-Quantum Key Encapsulation Mechanisms (PQ KEMs) for JOSE
>> and COSE
>> Date:     2024-03-03
>> Group:    Individual Submission
>> Pages:    16
>> URL:
>> https://www.ietf.org/archive/id/draft-reddy-cose-jose-pqc-kem-00.txt
>> Status:   https://datatracker.ietf.org/doc/draft-reddy-cose-jose-pqc-kem/
>> HTML:
>> https://www.ietf.org/archive/id/draft-reddy-cose-jose-pqc-kem-00.html
>> HTMLized:
>> https://datatracker.ietf.org/doc/html/draft-reddy-cose-jose-pqc-kem
>>
>>
>> Abstract:
>>
>>    This document describes the conventions for using Post-Quantum Key
>>    Encapsulation Mechanisms (PQ-KEMs) within JOSE and COSE.
>>
>> About This Document
>>
>>    This note is to be removed before publishing as an RFC.
>>
>>    Status information for this document may be found at
>>    https://datatracker.ietf.org/doc/draft-reddy-cose-jose-pqc/.
>>
>>    Discussion of this document takes place on the cose Working Group
>>    mailing list (mailto:cose@ietf.org), which is archived at
>>    https://mailarchive.ietf.org/arch/browse/cose/.  Subscribe at
>>    https://www.ietf.org/mailman/listinfo/cose/.
>>
>>
>>
>> The IETF Secretariat
>>
>>
>> _______________________________________________
>> jose mailing list
>> jose@ietf.org
>> https://www.ietf.org/mailman/listinfo/jose
>>
>

v2.23.0 | Report a Bug | By Email