[openpgp] Fw: New Version Notification for draft-ietf-openpgp-pqc-05.txt

Aron Wussler <aron@wussler.it> Mon, 21 October 2024 15:35 UTC

Hi everyone,

We just published the new version of the draft, including all the changes promised at the last meeting.

In particular, here's the changelog:
   *  Reworked KEM combiner for the purpose of NIST-compliance.
   *  Mandated v6 keys for ML-KEM + ECDH algorithms.
   *  Defined private key seed format for ML-KEM and ML-DSA.
   *  Added key generation security considerations.
   *  Replaced initial public drafts with FIPS 203, 204, 205.

The test vectors are up-to-date, and we encourage everyone to have a look at it, or even better try to implement it.

Cheers,
Aron



--
Aron Wussler
Sent with ProtonMail, OpenPGP key 0x7E6761563EFE3930



------- Forwarded Message -------
From: internet-drafts@ietf.org <internet-drafts@ietf.org>
Date: On Monday, 21 October 2024 at 17:31
Subject: New Version Notification for draft-ietf-openpgp-pqc-05.txt
To: Aron Wussler <aron@wussler.it>, Falko Strenzke <falko.strenzke@mtg.de>, Johannes Roth <johannes.roth@mtg.de>, Stavros Kousidis <stavros.kousidis@bsi.bund.de>


> A new version of Internet-Draft draft-ietf-openpgp-pqc-05.txt has been
> successfully submitted by Aron Wussler and posted to the
> IETF repository.
>
> Name: draft-ietf-openpgp-pqc
> Revision: 05
> Title: Post-Quantum Cryptography in OpenPGP
> Date: 2024-10-21
> Group: openpgp
> Pages: 59
> URL: https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.txt
> Status: https://datatracker.ietf.org/doc/draft-ietf-openpgp-pqc/
> HTML: https://www.ietf.org/archive/id/draft-ietf-openpgp-pqc-05.html
> HTMLized: https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-pqc
> Diff: https://author-tools.ietf.org/iddiff?url2=draft-ietf-openpgp-pqc-05
>
> Abstract:
>
> This document defines a post-quantum public-key algorithm extension
> for the OpenPGP protocol. Given the generally assumed threat of a
> cryptographically relevant quantum computer, this extension provides
> a basis for long-term secure OpenPGP signatures and ciphertexts.
> Specifically, it defines composite public-key encryption based on
> ML-KEM (formerly CRYSTALS-Kyber), composite public-key signatures based
> on ML-DSA (formerly CRYSTALS-Dilithium), both in combination with
> elliptic curve cryptography, and SLH-DSA (formerly SPHINCS+) as a
> standalone public key signature scheme.
>
> The IETF Secretariat