Re: [Pqc] PQ/T Hybrid Terminology - Basic Definitions

Florence D <Florence.D@ncsc.gov.uk> Thu, 18 May 2023 10:46 UTC

From: Florence D <Florence.D@ncsc.gov.uk>
To: pqc <pqc@ietf.org>, Wang Guilin <Wang.Guilin@huawei.com>
Date: Thu, 18 May 2023 10:46:20 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/pqc/8e_PuDxPYze-uKmMAVFZFjTOjsM>
Subject: Re: [Pqc] PQ/T Hybrid Terminology - Basic Definitions
List-Id: Post Quantum Cryptography discussion list <pqc.ietf.org>

Hi Guilin,

Thank you very much for your comments, they were very helpful.  I'll respond to both this email and your next one here to keep things together.  Picking up on your points one by one:

* Defining Traditional Cryptographic Algorithm rather than Traditional Algorithm sounds fine to me.  This does mean that we'll have a different convention for traditional and post-quantum algorithms, but I don't think that's a problem as the meaning of "Post-Quantum Algorithm" is already well understood.
* On expanding out the definition for traditional cryptographic algorithms to include those which are not based on integer factorisation or the discrete-log problem, do you have specific exclusions in mind here? I understand the desire not to unnecessarily constrain ourselves, but I also want to ensure that we're being as precise as we can, so it would be helpful to know what you're thinking of to motivate this change.
* On multi-algorithm schemes (from your other email) - I agree that the note may be too restrictive.  What I was aiming to get at was the idea that a scheme that includes e.g. a single signature and a single hash, is not a hybrid scheme because it includes multiple algorithms.  However, I think the current wording may be too strong, and I didn't intend to exclude the examples you give.  What do you think about:

	Multi-Algorithm Scheme: A cryptographic scheme which incorporates more than one component algorithm to achieve the same cryptographic outcome.

	For example, a multi-algorithm scheme may include multiple signature algorithms or multiple Public Key Encryption (PKE) algorithms.  Component algorithms could be all traditional, all post-quantum or a mixture of the two.

* On including a definition of hybrid scheme more generally, I don't think that this adds much given that the scope of the document is restricted to PQ/T Hybrid Schemes.  With the change to the multi-algorithm scheme described above (or something similar), is a further definition necessary?
 
Thank you again for your comments and for what I hope will be an interesting discussion,

Flo
 
Florence D
UK National Cyber Security Centre

From: Pqc <pqc-bounces@ietf.org> On Behalf Of Wang Guilin
Sent: Sunday, April 30, 2023 4:30 PM
To: Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>; Florence D <Florence.D=40ncsc.gov.uk@dmarc.ietf.org>; pqc <pqc@ietf.org>
Cc: Wang Guilin <Wang.Guilin@huawei.com>
Subject: Re: [Pqc] PQ/T Hybrid Terminology - Basic Definitions

Hi, Florence, 

Basically, I support your choices for the 3 terms listed and the reasons for selecting them.

However, here are some comments on the first term, i.e., Traditional Algorithm. 

1a) For a proper definition, Traditional Algorithm looks too general. In my opinion, it is better to define "Traditional Cryptographic Algorithm" rather than "Traditional Algorithm", though a note can be given to say that for short, "Traditional Cryptographic Algorithm" is also called "Traditional Algorithm". 

1b) It is better to define "Traditional Cryptographic Algorithm/Traditional Algorithm" in a general way, similar to what has been done for the definition of "Post-Quantum Algorithm", rather than giving a list of limited algorithms.

1c) It seems not a good idea to (implicitly) say that RSA, DLP, EC-DLP based algorithms are the only traditional algorithms. In academic research, there are a huge number of cryptographic algorithms which were designed not to resist PQ attacks. So, these algorithms should also be classified as Traditional (Cryptographic) Algorithms, but they may or may not be related to the above hard problems.

In summary, in my opinion, a better definition for 1 could be something like the following:

========
1. Traditional (Cryptographic) Algorithm: An asymmetric cryptographic algorithm that is believed to be secure against classic computers and not secure against quantum computers. For short, we call a traditional cryptographic algorithm a traditional algorithm.

Examples of traditional algorithms include the cryptographic algorithms based on integer factorisation, finite field discrete logarithms or elliptic curve discrete logarithms. These are also the representatives of current standardized asymmetric algorithms (say, ...). However, due to the discovery of Shor's algorithm in 1994, all of these algorithms are potentially broken under quantum attacks. ...
========

Cheers, 

Guilin

________________________________________

Wang Guilin
Mobile: +65-86920345
Email: Wang.Guilin@huawei.com

From: Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>
To: Florence D <Florence.D=40ncsc.gov.uk@dmarc.ietf.org>; pqc <pqc@ietf.org>
Date: 2023-04-28 21:02:00
Subject: Re: [Pqc] PQ/T Hybrid Terminology - Basic Definitions

Thanks Flo!

I'll add a meta-point about 3: I like "thing1 / thing2 hybrid" because it extends nicely to other things: I can talk about a "PQ/PQ hybrid", or a "PSK/Traditional hybrid", or a "PQ/QKD hybrid" and the meaning is clear. It's a nice qualification and disambiguation of the word "hybrid" which by itself can mean many different things within cryptography.

---
Mike Ounsworth

-----Original Message-----
From: Pqc <mailto:pqc-bounces@ietf.org> On Behalf Of Florence D
Sent: Wednesday, April 26, 2023 9:14 AM
To: mailto:pqc@ietf.org
Subject: [EXTERNAL] [Pqc] PQ/T Hybrid Terminology - Basic Definitions

Hi PQUIP and friends,

At the PQUIP meeting at IETF 116 I committed to summarising the discussion on algorithm type naming that happened on the mailing list back in March [1]. The email aims to do that, as well as to provide some justification for the choices made in the draft at the moment. The aim here is to come to some consensus on the base level definitions/names in this draft, allowing us to use this terminology to build from there.

I'll focus on the following definitions:
1. Traditional Algorithm: An asymmetric cryptographic algorithm based on integer factorisation, finite field discrete logarithms or elliptic curve discrete logarithms.
2. Post-Quantum Algorithm: An asymmetric cryptographic algorithm that is believed to be secure against quantum computers as well as classical computers.
3. Post-Quantum/Traditional (PQ/T) Hybrid Scheme: A cryptographic scheme made up of two or more component algorithms where at least one is a post-quantum algorithm and at least one is a traditional algorithm.

Taking these one at a time:
1. Traditional Algorithm
        - Alternative words that have been suggested are classical, conventional, pre-quantum, vintage, quantum-vulnerable. Others have suggested alternatives that describe the mathematical problems that these algorithms are based on e.g., discrete-log or integer-factorisation based.
        - The current version uses "traditional", rather than another word, for these reasons:
                a. It doesn't begin with "C" or "PQ" so can form a helpful and non-confusing acronym. Conventional/classical seem non-ideal because PQC is already taken as an acronym.
                b. Classical describes a type of computer, and PQ algorithms are run on classical computers.
                c. It is a single word and is not too long or technical. I think this is important if we want the terminology to be used.
                d. It doesn't suggest that these types of algorithms are already insecure before the existence of a CRQC (as e.g., vintage might).
        - Arguments against "traditional" include:
                a. In the long term we might expect PQ algorithms to become "traditional", so this may not age well.
                b. Traditional is one of the words highlighted as potentially biased in NIST's inclusive language guidance [2]. I believe that the usage in this document is sufficiently different to the example in the NIST guidance that it is reasonable to use the word here, but it is worth taking into consideration.

2. Post-Quantum Algorithm
        - Alternative words: quantum-safe, quantum-resistant.
        - The current version uses "post-quantum" for these reasons:
                a. It is currently the most widely used term for this algorithm type.
                b. Quantum-safe and quantum-resistant suggest properties of the security achieved by the algorithms, rather than the security goals of the algorithm. For example, SIKE is a post-quantum algorithm, but calling it a quantum-safe algorithm is (at best) highly misleading.
                c. Quantum-safe has previously been used to include both PQC and QKD (e.g. by ETSI).

3. PQ/T Hybrid Scheme
        - Obviously this decision depends on 1. and 2. above.
        - I am currently using PQ/T hybrid scheme for this concept because I believe it does a good job of describing the components, giving a technical reader who hasn't read this document a good chance of understanding the meaning.
        - There was previously discussion on this thread about including a forward slash in the name [3], which suggested that the group preferred some separation between the two algorithm types. This does raise a question about if you pronounce the slash (I think no...).

If you have alternative suggestions for 1,2 and 3 which have fewer compromises than what we've got so far then I'd be very keen to hear them, please do post to the list or email me directly if you'd prefer. Also, if you'd like to add any more pros/cons to this discussion please do reply.

Flo