IETF Logo Mail Archive

[TLS] Re: [EXT] Re: I-D Action: draft-ietf-tls-mlkem-00.txt

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Wed, 16 April 2025 18:29 UTC

Return-Path: <prvs=8201e787f1=uri@ll.mit.edu>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 4072D1D36242 for <tls@mail2.ietf.org>; Wed, 16 Apr 2025 11:29:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GZL0OY8LxZkA for <tls@mail2.ietf.org>; Wed, 16 Apr 2025 11:29:37 -0700 (PDT)
Received: from MX3.LL.MIT.EDU (mx3.ll.mit.edu [129.55.12.52]) by mail2.ietf.org (Postfix) with ESMTP id 7E1041D36232 for <tls@ietf.org>; Wed, 16 Apr 2025 11:29:37 -0700 (PDT)
Received: from LLEX2019-03.mitll.ad.local (llex2019-03.mitll.ad.local [172.25.4.99] (may be forged)) by MX3.LL.MIT.EDU (8.18.1.2/8.18.1.2) with ESMTPS id 53GIRNME243598 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Wed, 16 Apr 2025 14:27:26 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=wwo6Qv5BEFn9FsWA4fuf8dyMO3ZirTsW59vY34v3tsO/PO56AaNiS3lt7sUUrzQ0XuCjYw0fq+9iXy+FdgW01MqVZttjfiwWMU2z0QnD8V20GTlfsEBOG/vmrXwR6EqvaJ+R0a2f//OKOhFPmxu0rzMvfYJo3xc4TeoC2RnQZBuYi9SVCKK4xY0H6NsyMxYufJAcosISRsOB6eTGCSAIStVnkQ1jG7eW2lS0xTkVsUOi0ZBh/3QV9OXDvhFExUaX/hgN3/xVYVGBR3NwM1VnY31grIBWQtolC7f3q0QYrJyX8lY9DDkXioFjypjgFlh+bufDxrbVScC6//UnerCFTg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3AWDBFIGSZGKciaRIulvJvh3oEwj+fK4qNtQrm4lGoU=; b=Q8BS+xayOocQ9fFHGxUl51MEsbEi5iy2VpRashAC8llgCg9uM/S4TihqyG+BccNnTq9fU5OZ5b13B4y34rbQZXixJSMgZNru6v9Dxu5B9cfZaKrPttHM5/Ptb9dcpSxUAA5hJcLD1yWqQWAs+PaQ+aQMaVB9NNUKXF8VriDK9wOSTFgmBiow7u4FmQ2EAh8Y8lFICygpz4+fI1eYT3o8zsa66WYhMDU9PJXvuP8ReouuxhMpFqGlNOm9Xd67ixXyiJ4GQ4CZJWuZc9sTV+KJwXa4fgZpJGax6nwoXCeEHotZBZ8hpo9C/pFCZo8GjNKA4seuAlDfpUyT1HlZfnpglw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Paul Wouters <paul@nohats.ca>
Thread-Topic: [TLS] Re: [EXT] Re: I-D Action: draft-ietf-tls-mlkem-00.txt
Thread-Index: AQHbrvvO+LN+WvTt+ky/G4kmwdB18bOmm2p/
Date: Wed, 16 Apr 2025 18:29:34 +0000
Message-ID: <BN0P110MB1419006E9824BF8D9FCA69DE90BDA@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM>
References: <174482144256.1417643.12778721014959621161@dt-datatracker-64c5c9b5f9-hz6qg> <CAOp4FwR=RGrWiyVZ392a4myf_FeEGtHME7fOok31b0oeeMQ1Fw@mail.gmail.com> <BN0P110MB1419C6B51D12BF8F3418280190BDA@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM> <c941fc96-2e51-5591-a14e-eb63ababfa2a@nohats.ca>
In-Reply-To: <c941fc96-2e51-5591-a14e-eb63ababfa2a@nohats.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-reactions: allow
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN0P110MB1419:EE_|BN0P110MB1561:EE_
x-ms-office365-filtering-correlation-id: 9cc4be5f-ee06-408a-2040-08dd7d14a304
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;ARA:13230040|366016|1800799024|38070700018|8096899003|13003099007|4053099003;
x-microsoft-antispam-message-info: MkcJpPvjkU16zEtvPey76ky6gXS0IESoi41tl17EBXBnHEECDCJP4e+tix2SR8cddMllAPrWWyaWiy/xpoS+zWvXd8Rlh/PIE1UeGVEdFN755i1pnce1f1Bxduq2I1kzUzpRWlslFqk3uRuskpqPG4o/pWZJPC0TzIiqmR1CMhk2thp0DBxICQRiAmWwf4gXptPjvXRsvLVaQhfZ3bUyOSgT2mbTZB6pjI9JToMMh3eOx1i+E5BKlq7KQKQ1WiVS64sjXLrI6KudokvUxcGX0xAo13sgq5LTRmE371j96CxR1W4XW52uAzp0UI+dWFEmnjpayUnTEOMBaRcC171/GP2C9UWvGTfNX5tns10sqR1enBZr3OTTa83+THGktNmMFI6C6zQEyBlzurEcPNKzIcnrrP0Nbng//CYR/snujC6WwP/hVPdm8W6JKLXMjrE9yuWsTTkAVSE87EOn5fONBoOy1iA9XbIlw7WvftBPMY43XhpycbJB0i7WRgwMMHSDOfpXyvJucMuoO9y4RhQ3oPZ9DmOmc81ov7yxPi2WOtB3Fa47Vwa9mATmbUvLXAfndIr5e48GUHuyvYmyhSZa15D+aZsTBAB4bfz975wGOeHV9hMpHYlrkMs9d41pAMtgLOvPIudd0fYBAmMuJV+aY46xmPaMLjcssWfY4GLboBBwIq8DU2b8fmFIG3G9p5tM4OrJ+OwJUmHllwGkHwEFPgZ4lDcMMZJeHCul2pUWKFbgywQel3yGHW/UbvWPyeYB2XczBp6JdhvnHcHVBPlxmmwn5MjyVV90aPYDyiLeybI2DOJdi/JoFpHrnfSpIo0D39dgLqAsNLkhYLwp3lDFXZPF/jKTJcBsyOrrBZZNoa8+GoXohPrcoz38CnzetZgKef+MQ3YBucvt6p4j0T0Tel2WwW5ibtPsUGiib2My4R59WxVki201efWBKhGbcRypO5NYm5pv2gJ1z8BQJuFVNHX3B2u21mvgUs6aaSuMlYcKKCjkdT2/PYy6YGUYfO+ePLtr1qEpUatp6ggJdyEkmG7pbQxPkupY/GkSGXoJ5818SzTZBYjdG5r18ORY7EzZx9cfb0fhb6/Y5oLs/1TpLK2hItj6zOF+lCE9S78lEAE4rciSc/cyttEGzT0Ubhb5pC3vWy68APa2stvRQJZ1XfQdQMH9jECTZF0GrOtXnMU3fGMIr65QlEKgx3Ga4taAGOXM/d+wo0mKy9BiEonP+48zTQ1BbzajW7CVG0JCr5mj8C6jcKy56nAkooj1AIwgN/3k2xGEwgQTqF6Ri71gWvWq4srJTu31jBKwKqudPckWqCJOHJXxWOf3C8N0WxLlBdGrdG4vpRPZQmInHsaEGiEgvHfrDpfstL7r3WZR5812XE5JAw1XmLRJNEhl/1rLYLJXTyguGLb4ETjq72LBv8cKWBt19xDKNgxeMqAH/+w=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(38070700018)(8096899003)(13003099007)(4053099003);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: sd2frAcnApo5leRgbWcR4YsA63TxybJWy5uNpgIy72FPMsl7KqWbsbqcSlpTopI2uMSyJwkFFrDhvG9hoUXoiXCA1fn1Rm6Q4sGsEvZSxhiY0s2e77WIaNMv75ffYlSzdL8pA0ALGrOGGZnuEasm1fgFn+EHFqiamhXyqn+ayGGv4trtngyh/O7WUMdj3osxJF4sYb7OTBqHwaeFahqVVwl0E5k6nyXGAGjyv/o+vcmTEARyz9QcBVyQLg3/F45mZEt8K/eSBfqqN4QHT1wpgt4WiyVfZvvidl3AqbDq4vXaJk2AgxRhQ/8PpK/hIVulU9GShwIVIw3dvBLKi+1yTCsmUA4ehkIlqMHAIzhX19sVL36kmWcq97WYDyG3nDVd/nMNL3NNsvDAExBFcRSVROOV1+IH6C/0/CPssGtRBi24sX3lf8BKIMD7b9goxTr6BbHnjQRLyPfvWmbQB0iF7zVIBbOFlKMuDj96EYB1Co9UdFZA2LH0Zu2NoJipaj2x18idvwBP3YEME89m26YhDkmPz/Ob/lLaeNBzXHwxkyUyy+5ms0CouO9wekpmtcjTTfd93Sst8H0D1h868sZotxZSokmmhYVTNx2/+2wu/og3IDNy3nVzh44bVjS5/MyIwDPWSqcrU8PQJ8uTOU8cZyQ7qYncsk0CqLiC7kAHmZgrkLyw48aGwMoPxww1eRV/zkDkfhNA2HbVUS4yAWwj/gezE9PEAanRwdcD3hHEdwZ0ujyZ5sttwAXokXRyih0LqeUT7/A8k9qp6+EfPD1DVrOJvea6oADTizw0kU+oiA+erLRicZpjQV//9YteKUENT1sXKAq+gKJgn2e8oy8uLDIE5nyqDpzvc5mcTSOxYcRTI2nG/jwHs5p4UYxH5YRZ+DsVZ2ur2i18aKSnqrsDA1DxAvybSwU400kz4WfcFY96joXD8LDEvJiPeHtG1TLYKPdPDA52e0wypZVmcpiEAf/POdW45z5e5QPkhhiowOYxzxrupB/DiA3imMdJpo6AKBONx0y7jh8OVDmYiD4wLsRCuD02RYLHyBXlrK73posoP3ug/ckUvtd47djcgRU09ZhRWSXO6dvhpcLxbDz3rRzmAYNtUL/cNuwlEkLFwi0wTGGCT8IKc1IH2mBULZhuYQAQz50Z3qTU0oU3ZWfPaqoId6QuIIoNVg+L9MiBGHzEh5ka7yrIw13eBaDVDfNzgyBaAHi7NQN+YGbzsghtG9bc0rq96rE5gjbCoQxWP+ItZ1MZ/YOZdCIHQDjT+PbmnG5CB1Br89fcLE/lNyAZcum89zF6mJ+zmYLTxB9iUpYSnOmkHlUCRZusy5xERDGZ/VCLW77+19gCKG8iJeD/38Q7rx5XjirESm937zjkc0pgKTkBxgB0cDs+MXJ1tiIOJJkmmx72wYIhU/XyhthOYQXwlJTGT7XDdVkjXSvVTGTNnU6sMkH940P6OMf+vlzWDM5KqK/NGCLXylhr8dFl7DovOTSwCkJbpGuiUwi4i06NwdhLvpgAMewHifMqHh8R
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha256"; boundary="_9BC06EE7-3F3D-C341-B0F6-2C233862E2FC_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 9cc4be5f-ee06-408a-2040-08dd7d14a304
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Apr 2025 18:29:34.3662 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN0P110MB1561
X-Proofpoint-ORIG-GUID: kN5uKMM8MgYJ0eJXaLzUnrubKwFB_0wF
X-Proofpoint-GUID: kN5uKMM8MgYJ0eJXaLzUnrubKwFB_0wF
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1095,Hydra:6.0.680,FMLib:17.12.68.34 definitions=2025-04-16_06,2025-04-15_01,2024-11-22_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 bulkscore=0 mlxlogscore=999 mlxscore=0 adultscore=0 suspectscore=0 spamscore=0 phishscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2502280000 definitions=main-2504160148
Message-ID-Hash: 2RABHWM54A6K3BOPLQLWC5ZRN6R6HMRG
X-Message-ID-Hash: 2RABHWM54A6K3BOPLQLWC5ZRN6R6HMRG
X-MailFrom: prvs=8201e787f1=uri@ll.mit.edu
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: [EXT] Re: I-D Action: draft-ietf-tls-mlkem-00.txt
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/8_330kjXrW59Y84cqL95JiwwXQg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

> Sure. On the same note – how do we know that there will be no new research findings about ECC? (Besides the fact that once CRQC is built, it becomes useless.)

Not useless. It would still be a good anti-ddos / cookies technique until each phone is a CRQC. 

The truth is probably somewhere in the middle – ratio of the desired/desirable targets to available CRQCs. I.e., IMHO, ECC will outlive its usefulness rather before “each phone is a CRQC”, but not immediately after MSS or NSA build their first one. 

Especially if you do an ECC exchange before a PQ exchange like a Classic McEliece. This is
what the Additional KE (RFC9370) facilitates for IKEv2: https://datatracker.ietf.org/doc/rfc9370/ <https://datatracker.ietf.org/doc/rfc9370/> 

Yes, I know – we do the same (though for different reasons 😉). 

Thanks

v2.39.1 | Report a Bug | By Email | System Status