[COSE] ML-DSA & SLH-DSA for JOSE and COSE
Orie Steele <orie@transmute.industries> Fri, 12 January 2024 22:03 UTC
Return-Path: <orie@transmute.industries>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C994C14F602 for <cose@ietfa.amsl.com>; Fri, 12 Jan 2024 14:03:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=transmute.industries
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fjEEMMfvSVUJ for <cose@ietfa.amsl.com>; Fri, 12 Jan 2024 14:03:05 -0800 (PST)
Received: from mail-pg1-x52d.google.com (mail-pg1-x52d.google.com [IPv6:2607:f8b0:4864:20::52d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C654BC14F60F for <cose@ietf.org>; Fri, 12 Jan 2024 14:03:05 -0800 (PST)
Received: by mail-pg1-x52d.google.com with SMTP id 41be03b00d2f7-5cdf76cde78so3899619a12.1 for <cose@ietf.org>; Fri, 12 Jan 2024 14:03:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transmute.industries; s=google; t=1705096985; x=1705701785; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=HfQI+OPvIAK7FxHnuhGeUi8Q7u5L8iUJ1YRWIF99SRY=; b=gTMQGd0NMx1lP26e+g/UuRGo7pG0fsGjf0t+il7lk7SCtjh9ix2VEfyFV95k2Qg2vJ +a9NNEHx8xVC6WvSEl7qyFp0nuLrJUSou32lEj62VkJdP8iAPZ614cK3FPRmnQ4TEqF2 jCsanpOk4dwVwikDmoAwijgkNAOQ2V4do7ccz2HcWzjpccTr4qcqEsEYuzS0AuN7A6xd 8OKL0s9k5itmxqbzFyrFslRD2j1rjMz99+Y54jh0ex6UqMX4D/Ed9mU6y5LPdCDmCk6p B8/96tTSlEJ/paq73ttQa7fSF8HsYm/NavYT/veba1nFL14Y7EOgLZnTrx0CFcMPX/jC K9lg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705096985; x=1705701785; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=HfQI+OPvIAK7FxHnuhGeUi8Q7u5L8iUJ1YRWIF99SRY=; b=MVnR94EFKL0PhqPxTkpjey/xnEpCAxN1waFRxyXcPOMfZExgXZutYmJZPFiCUSfYsQ XBP8fJ57dB0UBVExC2MbOXzFsA7B1WpDUP1pXyU0nRxeG/9ChoxnRa23qWgzYbeQz+Q0 lNXuaE+58BbLaPi0hIdD5MpxMMS6PkxDj34nHWqwshH0hWZ0l4tIelhlbwWDS51eE/rT vz8k0zij2lTYEkNojCagIFpE4afPdqz4mXvXv20Q4j0UPjkDCHcN8tlngVuBcR36Ymsz smMweaeUxV+Md/agtQkuVroWZO2AWEsFutYrGNEQs1Ybu3X1+Mje9q2NJ4xi+MhW6G6/ ccAg==
X-Gm-Message-State: AOJu0YzzlYI6U/bOkIJHGwMlSgPKRI4EWoCB9jSRzMLBtRXvkjQiwQqt Uw6u2JjMNCbqhvhjEbHduY//S6VXXU35ZgisKFvkrD1zNf2Dmg==
X-Google-Smtp-Source: AGHT+IHd4iyAK9v8110ys8otFrpI6pUfGlV7P1vvsvvALOrA5PLb3V5L0TARGV9evgvXzzhvTJGLhRbhbmzm6bxUZpo=
X-Received: by 2002:a05:6a21:183:b0:199:c29a:190b with SMTP id le3-20020a056a21018300b00199c29a190bmr1638261pzb.108.1705096984895; Fri, 12 Jan 2024 14:03:04 -0800 (PST)
MIME-Version: 1.0
From: Orie Steele <orie@transmute.industries>
Date: Fri, 12 Jan 2024 16:02:54 -0600
Message-ID: <CAN8C-_K6SOv9s1MG9zw5sbc2sqq5AqJ9eX7av_QUW3-XzGZBQQ@mail.gmail.com>
To: JOSE WG <jose@ietf.org>, cose <cose@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000017b7ef060ec6d499"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/yRVtFDEsaNHwLMR8AIGWrTCVQx8>
Subject: [COSE] ML-DSA & SLH-DSA for JOSE and COSE
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jan 2024 22:03:10 -0000
Hello Post Quantum Enthusiasts, We apologize for allowing the drafts to expire, that has now been corrected. We've published new versions and done a tooling migration to the COSE WG GitHub repository: - https://github.com/cose-wg/draft-ietf-cose-dilithium - https://github.com/cose-wg/draft-ietf-cose-sphincs-plus Here is a quick summary of what changed, but of course you can see the full diff in the datatracker. 1. We adjusted the names to reflect FIPS.204 (IPD) and FIPS.205 (IPD) 2. We removed extraneous text on the details of the algorithms, which is better covered in the references noted above. 3. We provided skeletons for examples We are seeking implementations of ML-DSA and SLH-DSA in order to update the examples sections, with closer to real world data. We have opted not to migrate Falcon, the parameter sets for sphincs will probably keep us busy for a while. I'd like to take this opportunity to complain a bit about this part of the FIPS 205 IPD: " This standard approves 12 parameter sets for use with SLH-DSA. " I feel this is a mistake, and wonder if there is any opportunity to reduce this to something less than 4x the number defined by ML-DSA. Even if NIST preserves all 12, we don't have to register all 12 in draft-ietf-cose-sphincs-plus. ... I really don't want to have to generate 12 key pairs and signature examples, especially because a single key pair with the required line breaks is likely to be longer than the entire draft. Of course, we will do whatever the working group thinks is correct here... what should we do? Regards, OS -- ORIE STEELE Chief Technology Officer www.transmute.industries <https://transmute.industries>
- [COSE] ML-DSA & SLH-DSA for JOSE and COSE Orie Steele
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Neil Madden
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Orie Steele
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Stephen Farrell
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Orie Steele
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Ilari Liusvaara
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Orie Steele
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Simo Sorce
- Re: [COSE] [jose] ML-DSA & SLH-DSA for JOSE and C… Ilari Liusvaara