IETF Logo Mail Archive

[TLS] Re: [EXT] Re: [EXTERNAL] Re: Working Group Last Call for Post-quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3

"Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de> Mon, 13 October 2025 10:57 UTC

Return-Path: <thomas.bellebaum@aisec.fraunhofer.de>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 6EA58725F1D7 for <tls@mail2.ietf.org>; Mon, 13 Oct 2025 03:57:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.297
X-Spam-Level:
X-Spam-Status: No, score=-4.297 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=aisec.fraunhofer.de header.b="Tx3rg3ke"; dkim=pass (1024-bit key) header.d=fraunhofer.onmicrosoft.com header.b="l6omvRzs"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NdN1UTkVswst for <tls@mail2.ietf.org>; Mon, 13 Oct 2025 03:57:51 -0700 (PDT)
Received: from mail-edgeMUC221.fraunhofer.de (mail-edgemuc221.fraunhofer.de [192.102.154.221]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id F17DD725F1C9 for <tls@ietf.org>; Mon, 13 Oct 2025 03:57:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=aisec.fraunhofer.de; i=@aisec.fraunhofer.de; q=dns/txt; s=emailbd1; t=1760353071; x=1791889071; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=LxhHgYBVvGYF3F0dyR56ZxaNMz/oZkHvBZiKuvN2Re0=; b=Tx3rg3keO/njSAea6IjewLf6qy+UrnaCespd8nCqhpNzMbTgo4eOZHBs 10GDfUhN99+SQIWgHJHTThjp4tebDSndN0ZonTmdvTHSh7ACn++zhfpQt 2d9g8NvhM4uEO7z2x9p7XRKCURqQkzi2nXUAHoakCFWfAYH5i6to9REbC EOnHcvblqmRhDnz74jAtpeJGry/1y2t0wPAkK0g5Rm51sCy6JS5vTHPJ6 ub15tXYiLFsG/NKcb9OYzDdod45iBHoqb4JsvBfwnBLrFVPJaxzO8kQwa rEqhUtU28LnOFN19pq7jPHaDkHbLysPaSEOGJM6L1t7BHDZvBLuzknDCY Q==;
X-CSE-ConnectionGUID: D7KX7cnHTpiU+gsuG9wv3A==
X-CSE-MsgGUID: fKwN6qA7QUGU8HCxP7XFUw==
Authentication-Results: mail-edgeMUC221.fraunhofer.de; dkim=pass (signature verified) header.i=@fraunhofer.onmicrosoft.com
X-ThreatScanner-Verdict: Negative
X-IPAS-Result: A2HnEwCWRZ5o/22jZsBaDg4BAQE8AQEEBAEBAgEBBwEBgWgCgj5AAT8uJ4EQhFWRcQOCPQGaMYJQAy4pCAcBAQEBAQEBAQEEAwEBFAIDDg0dBAEBAwEDQ4Q9AowlJzcGDgEBAQEDAQEBAQECBQEBAQEBAQEBAQEBCwEBBgECAQEBBAgBAoEdhglGDYJbgScFdDACAQEBAQEBAQEBAQEBHQIPJgwqAR8BBAEdBh0BATcBBAsCAQg7BwICAi8lAgQBDROCdYIjBBIDDhISFAaxWYEygQGCDAEBBtspGIJABwkJAYE/AYFXgiWBBoNOAYFbEoMMcgGCRIEUgR+CDEOBFTWCRDE+gkqBMYQjgmmDPJJWBIdhUoEUA1ksAVUTFwsHBYEgEDMDIAo0FRwCFA0iDxoFLR1zDCgSa4Qbg01bK0+CInWBAXZBGT+DUx4Gaw8GgRUZHi0CAgIFAkM+gV0XBh4GIBICAgICAoEDQAMLbT03Bg4bkhwSIUeBWYI3ElqBOYE8HQMyJscCAwQDgjWBZ4ZdgzOCDpVTM4VbkgWTC4NylRQijWaVNIVaAgQCBAUCEAiBfmCBIHGDNglJGQ+OX4NCM48Bo2x4AjoCBwEKAQEDCZF7I4FLAQE
IronPort-PHdr: A9a23:tae+mhQ6dEOXvOhAPDiZlUVx2tpsohGbAWYlg6HPa5pwe6iut67vI FbYra00ygOSBsODsLkd17CO6+jJYi8p39WoiDg6aptCVhsI2409vjcLJ4qoL3O+B9PRKxIAI cJZSVV+9Gu6O0UGUOz3ZlnVv2HgpWVKQka3OgV6PPn6FZDPhMqrye+y54fTYwJVjzahfL9+N hq7oAvfu8UMnYdvJKk9xgbGr3dWZ+ha2X5jKE6OkRr7+sq/85lv/jhKtfk87cBAS6L6f6o5T bxcEjsrNn0+6dPouxfeUwaB/2MQXGoOnBVHGgTI8h70UIrpviT1quRy1i+aPdbrTb8vQjSt8 71rSB7zhygZMTMy7XzahdZxjKJfpxKhugB/zovJa4ybKPZyYqXQds4cSGFcXMheSjZBD5u8Y YUREecPIPpYoYf+qVsArxSxGQajCfjgyjNUnHL7x7E23/gjHAzAwQcuH8gOsHPRrNjtOqsfT P66zK3MzTrddPxZwyr96I3NfRw5vPqCQ7Jwcc3UyUY1DAPJgEibpIv5PzOV0eQNtnKU7/F6W e20lWEnrwVxrSa0ycg2l4nJg5kYxUrF9SVi3ok6Oce0SEBhYdG+DZtQsSGaN4x4Qsw8WWFko js1xaMftJO9YSMFx4gpyQTFZPybb4iH/AjjVOCJLDp8i39ofK+zigu9/0Wi1+DwS8a53VhIo ydBltTCtnMA2wLN58WDVvZw+lmt1SuN2gzN5e9KLl45mKvVJpMvwbM9kIcYv0fbHiLuhUn7i LGael859uS09ejreKjqq56SOoNulw3yLqAjltShDek5LgQDUW2W9fmg2LL5/ED0RahFguA1n 6TctZ3aK8UWq6+/DgRIyIgs8Qy/AC2j0NkAmHkHK09KdwyfgojyPlHOPOj4DfCig1SwiDtrx +7JPrnmApjVK3jMirbhfbJk505Z1Ao8181S6ZFJBr0dJP//QEHxtMbCAR8kNQy0w+HnCNtj2 YMEQ26AH7GWPLvTsV+O+O0vP/GBaJIRtTrjMfQp+uLigWEjlVMAfKSk04EbZG2kEvliO0mZZ GDjgtYFEWcEpAo+S+nqhUWeUT5TYHayWrgz5iohBI29E4jDQoStj6Ka0yihA51WY3tLBUqNE XfzaYqLR+0AaCyIIsB7jzwEU7ihS4gv1R6wrg/20adoIfTM9i0CqZ3jzMR15/HUlRwq6DN0D d+S3nqRQGFuhG8JRyc20LpjoUx60luDy7R3g+REFdxP4PNESho6NYTdz+FhD9DyXhjNftKIS Fa6WNmpHyw+Ts8pz98Uf0l9A8mijgzE3yeyH78Vk6eLCYc18q3Cw3jxKdxxy3Hc1Kkul1UmW NdANXW6hq5j8AjeH5PGk1iDl6a3cKQTwDTN9HqYzWqSoUFYVBNwUaDeUHAQY0vZt9X55kfYQ 7CyDrQnNxNNydSeJatSdt3pkVJGSe//NdTYfm2xgXm/BReSyr2Wa4rqY2Id3DvFBUULjwwT+ HeGOhQkBiemuGLeCzJuFU71b0zw9ul+rWi2QVIxzw6QdU1uy6C5+h8LivyARfMfxLUEuD0uq zlsGlayxMrZC8CcqAp5YKVcfdQ97U9H2G7BrQxyIIKgIaN4iFMGdgR4pULu1xFuBoVFjcglt mglzAtvJa6E1F5NbT2Y3YrqNb3KLGny/Beva6DI1VHEytqZ57kA5OwlpFXgvQGpE1Iv/W973 tdIznXPrqnNWUAeTIjsV00t6gNmurXHZwEy4orV0TtnNqz++mvOxsg0AeA/1w28YtNCNYuLE QbzF4sRAM34bKRghkKoRhYAeuVT6Og5M97sP6+bwq+DOOImmTO6y2lL/dYu/FiL8n82YOPM2 5sPyuydmkO7VzD5hUzr+pTrmYdBbCpUFGe7zSXuDZNUTqRzZosAT2m0KtCxxtJwioSrV3MOp w3rPE8PxML8IUnaVFf6xwAFjSz/3FS5zHLrhzUhiSog67Gf1XaTnbeqf08dN2pCVGRuyk3hJ YGkgtxJOSrgY10njhK440b9yaVB4qN5KmjYW0BTeCbqaWplV/j4re+ZbspC448vq38SXv61f FaaTbDwuV4d1SbiFHFZ3zc1a3ShvZCq+n4yiDezNnF2/lbQZcwi/grV5tHXWax00yEdTSZ1z Bj7VHO7OcWk+8nRq4bbv7KbdkeME6NeazLqyoXShG6e3ihHERa/lva8l5jcHA423DXS+/JqW C7L/3OeKoPrgoCqMcJoT2NWGnDNxZFUQo1vqNZutoEZ/10IwZKn/loZu1XyEshF//jEYSJYF ltpi9SA5Fbi3VNZPGmqmqD5FXe4+dJBRYbnaH1I5Rsm1cZhJ4W0ypJowyl7hVDor12OWNthv icT7dF0wn40ndMJs1UdwwDePJo5NBJUOALFxjmEw4uhqpkKO0jyXb6JjFh1vtmDAeiQrBpQV U2kfroILHRB7Zo4LXDqi1DZ29/JVvbWR/kZpDK9mRbttupJEp4phMZNh21iCEjFt3c45ucjn QB+2JDmtYGGEz5E8Ky2V00QJnj0fcQV4jb3keNEk92L25z6Bpx6AWZjtPrASPupFHcfufvqE julSmdl7HmBEKfZHQiR5V0go3+cW5yoNnTCPHAC1p0iXxiSIkVDnRoZFCs3hJ83Fw2mhYThf U516ypX5wvQpAFF1+RoMBfySCHYogKpYS0zU5+RMFxd6QQq2g==
X-Talos-CUID: 9a23:/BOIbWEsqdANiHCNqmJLq20kRcsjUkHFzUqTLFSlJjd2Vua8HAo=
X-Talos-MUID: 9a23:thjPzw5tXH9+JzsRd0Ew91JbxoxmwLuIVlkkzqw7lPTUFQdgA2itogmoF9o=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.17,290,1747692000"; d="p7s'346?scan'346,208,346";a="13293171"
Received: from mail-mtabi109.fraunhofer.de ([192.102.163.109]) by mail-edgeMUC221.fraunhofer.de with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 13 Oct 2025 12:57:49 +0200
X-CSE-ConnectionGUID: r5rCQmwBQeeHNL8rxO9Fow==
X-CSE-MsgGUID: juZoqJoUT124vf7p1E43kw==
IronPort-SDR: 68ecdb2c_6wuijSyYTz33hKGmL5zoS3IkG4MDTHLUUqly5vd3NwATVX7 OdQFLTHfIcPYksr1tKersknqKSc1SCpfQkH4npg==
X-IPAS-Result: A0A1AABMVK1o/3+zYZlaDg4BAgIBBwEUAQQEAWaBGgcBDAGBbVJAAW4nB4EJhFSDTAOETV+IdgOcb4ErgSUDVw8BAwEBAQEBBAMBAVEEAQGFBwKMJic0CQ4BAgEBAgEBAQEDAgMBAQEBAQEBAQEBAQsBAQUBAQECAQEGBYEOE4ZPDYZbAQEBAgESCwYdAQE3AQQLAgEIOwcCAgIvJQIEAQ0TFIJhgiQEEgMPExMCAgKtNgGBQAKLJYEygQGCDAEBBgQE2yEYgkAHCQkBgT8BgVeCJIEGg04BgVwSgwtyAYJEgRSBH4IMQ4EVNYJEMT6De4QjgmmDPJNIhxVSgRQDWSwBVRMXCwcFgSAQMwMgCjQVHAIUDSIPGgUtHXMMKBJnhBWDRVorT4IbcoEBdEEZP4NTHgZrDwaBFRlJAgICBQJDPoFxBh4GHxICAwECAoEQEAJuQAMLbT03Bg4bkloSIUaBXYI7ElqBOYE8HQMyJscCAwQDgjWBZ4ZdgzOXYTOXYJMLg3KVFCKjGoVaAgQCBAUCEAEBBoFoPDmBIHGDNk8DGQ+OX4NCjzSqfEUzPAIHAQoBAQMJkXuBbAEB
IronPort-PHdr: A9a23:c7FKjB3LHflheXNysmDO+QUyDhhOgF2JFhBAs8lvgudUaa3m5JTrZ hGBtr1m2UXEWYzL5v4DkefSurDtVT9lg96N5X4YeYFKVxgLhN9QmAolAcWfDlb8IuKsZCs/T 4xZAURo+3ywLU9PQoPwfVTPpH214zMIXxL5MAt+POPuHYDOys+w0rPXmdXTNitSgz/vTbpuI UeNsA/Tu8IK065vMb04xRaMg1caUONQ2W5uORevjg7xtOKR2bMmzSlKoPMm8ZxwFIDBOokoR rxRCjsrdls44sHmrzDvZguC7XhPNwdemBodJxjFzB7LdKnvnRrU7cQl1DigYJPEXbkSfCbl6 JVoaAHCuiYkKiAfqlva0pkj6cATqkel+Rt63bTGe6LIFvo9fIbmZPM4GjdLQJhubjd7BKiTT aspIcZfP+h/pdn/+AQ3jgeeFQeILrnFyhFWtH/9gp039qcfOyrvhwAlMftfnXj498rzCPpNf 72ZypCQ3z7gZtFbgCXz84TFSU0ljNu9BoNzLo3M6290Oin00Hi+horPFDmH+c0HskWi7fZaW fq9tykl7ARAiAClzNoBg5HZmpIQywzN/CRBm685K9LtGwZrJN++F51IsDuGcpF7Wd4mXzRws T0hmdXu2La+dSkOjZE7zjT+MqTWNYaS6w/lVOGfLC0+iH82ML68hhPn6UG70aW8Tci71l9Ws zBI2sfBrHED1hHfq4CHR/Jx813n2GOn2Rra9+dEJk45j+zcLZsgyaQ3jZ0drQLIGSqepQ==
IronPort-Data: A9a23:7plfNqIT2qETpiCEFE+RQJAlxSXFcZb7ZxGr2PjKsXjdYENShDYOz 2MdX2zXa62JNjf1KtB/aIq/oUhS7cfRn9JmTAYd+CA2RRqmiyZq6fd1jqvUF3nPRiEWZBs/t 63yUvGZcoZsCCaa/k78WlTYhSEU/bmSQbbhA/LzNCl0RAt1IA8skhsLd9QR2+aEuvDnRVrd0 T/Oi5eHYgL9i2Qpajh8B5+r8XuDgtyi4Fv0gXRjPZinjHeG/1EJAZQWI72GLneQauF8Au6gS u/f+6qy92Xf8g1FIovNfmHTKxBirhb6ZGBiu1IOM0SQqkEqSh8ajs7XAMEhhXJ/0F1lqTzTJ OJl7vRcQS9xVkHFdX90vxNwS0mSNoUekFPLzOTWXcG7lyX7n3XQL/pGFhwsFrQd5cxODGxu0 9hIMiAqPz6EmLfjqF67YrEEasULN8z3JMUSqnpgiz/DBOsgQZfNTr+M6dIwMDUY350VW6eBI ZNGOHw2Nkuojx5nYj/7DLoinOCtj2K5eTBcrF+frLcyy2HS1wF6lrb3OcfTetuESN8TkkvwS mfupDShXUxLaYL3JTyt8G+egfbtmh7HAdhOCrPn7qdH3AaQ2TlGYPERfR7hyRWjsWayRshCL kcO5zEysKwv8WSkS9D8W1uzp3vslgMGWvJUF6s/6R3Lx6bJiy6VBGIsRSQHecRgqMhebSAuz XeIks/nQzt1v9W9YHSR7LqV6wu1IS8LeDNaYC4PVwwe5Nf/5oo0izrDS995G+i0g8H7Xzbqz Fi3QDMWiqUUyM4a3b+68RXNgnSlqoOPQBQ8+wPXWWyo9EV1aeZJerCV1LQS1t4ZRK6xQEOIo X4EnMaT9qYJC5SMnzaKW+IDAPei4PPtDdEWqQUH80AJrmzyqyyQbspL7StgJUxkFM8BdHW7K AXQoA5drtsbdnejcaY9Mcr7BtUI3JrQM43vdsnVSd5SPbl3VguMpx91aWCqgmvCrUkLkIMEA 6m9T/qCN3ghJJ5c/GKEfNtFib4P7QIi9FzXXqH+nkiG06LBRXu7SoUlEVqpb8Jh5YzVvDTl1 stuMvWRwTphUdzOXDXu3qALJgo0L1w+N4HHm/JKf8HSJzhWOXwTJMLQ5ZgDeIVVubtfucmV3 3O6W3Zd9kH1qkPGGDW0dlRIQo7mcsdjnEIePCIXIlej3UY4U7uv9Ksyc5gWf6Et0u5o3dpYb qAiVZ2bI/JtTj/nxWwsXaPlptY/SCXx1BO8ASW1RRMeIbhiflXt0f35dFLN8CIuMHKGhfEmq ef96jKBEIsxfCU8PsP4c/n18kiQu0Iak+dMX0flBNlfVUHv0YpyIRzKkf4FDJAQGCrH2wel+ V6aMTUAqcnJhr0Fwt3DqKSHjoWuSs9VPE5RGUvF5reXawje2EeewrF7beXZRgCFCVvI+5ija 95FkND6EvkMx2hRv6RGTr1E8KMZ5vnUnYF88DhKJnvxUgmUOutSGUXehchrnY9R94BdojqzC x6u+MEFGLCnO/HFMV82JSh9Z8vSycAkvyTj6MouKmrE5R5Hwqa+fmtKNEOyighYHqpEAL04y MhwvfwmyhGNpScrFv2kjSlk0XuGAVJdcqcgt7AcWJTKjChywH58QJXsMA3Ey7DRVMd9aWwRP S6yuKrOo59+13jyWSM/OlaV1NUMmKlUng5ByWEzAmigm/3Ht6cR5wJQ+zFmdTZl5ExL/MwrM 1c6KnAvA7uF+gppo81xX2qMPQVlLz/B82zTz2o5rkHof3OKZEfsclJkYf2s+XoH+V1yZjJYp bGU6Fj0WAbQIf3e4HEAZl5HmdfCE/pK6QzwqOK2FZ+kHr47QwbfrI2AWG4qkybjUOQN3BDph O8y5+thS7zJBQhJqY0BNoSq/7AxSheFGW98fc9c7J45RWHyRBzi2BylCVyARcdWFvmbrW66E 5NPI+xMZTSf1QGPjCIRNZQTB7pKwM9z68cwfJHrKVFbtLHFnD5isc/TxBPfn04uec1lyuwmG 7PSdhWDM22evmRVkGnzt/t5OnK0TN0HRQ/k1sa3+/UtO7Nal880amA08L+/n0vNATtd5xjO4 T/yPf7H/dJt2aFHvtXKEJwaIy6WNNmqduCD0D7rguR0ddmVbPv/7VIEmGLGYTZTE6AaAelst LK3t9Xy4kPJkZA2X03dmLiDD6N53tqzbsUGLvPIKGRmogXaVP/O+xcj/0WKGa5Nmv5Z5eilQ FKcQ+m0ftg3Rdxc5SN0bw5zLhUjMJn0P5zQ/X6Fk/exCxYjiF2NaJvt8HLydmhUexMZI5C0W Ee+p/+q4cset4hWQgMNA/Z9GZJjPVv/Qu0cesbssSWDRHyd6r9YVmAOSTJ7gd0TNkS5LQ==
IronPort-HdrOrdr: A9a23:In2PfKBOIUTQfI/lHemx55DYdb4zR+YMi2TDtnoBKyC9Hfb0qy nDppgmPHzP+VUssRMb+OxoUZPoKRi3yXcS2+Ys1N+ZLWzbUQCTTL2Kg7GN/wHd
X-Talos-CUID: 9a23:9yo9f2B9uVZ4e5T6EzM67mUtH98PS3DQ7FH0c1WoLjdHT6LAHA==
X-Talos-MUID: 9a23:y3jHbAXMK2F6F+rq/D3xtjZ7FsBV3/30VF4Dzo1flpXfNjMlbg==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.18,214,1751234400"; d="p7s'346?scan'346,208,346";a="38075956"
Received: from exo-hybrid-bi.ads.fraunhofer.de (HELO smtp.exch.fraunhofer.de) ([153.97.179.127]) by mail-mtaBI109.fraunhofer.de with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Oct 2025 12:57:48 +0200
Received: from XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) by XCH-HYBRID-03.ads.fraunhofer.de (10.225.9.57) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.20; Mon, 13 Oct 2025 12:57:48 +0200
Received: from FR6P281CU001.outbound.protection.outlook.com (40.93.78.5) by XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.20 via Frontend Transport; Mon, 13 Oct 2025 12:57:48 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=XQL9/3CZx8egHl3PwDvHRSniGHUbcJ+VBRhbCgW8N7THmABpvNE410npTn7MHWxj3tSP0qStQXyBYecNkFwOYGD41Ts3m8BdGsEbx8UkWefvd+0BwO+M4bbtPbr8kL0vF9r4QhHhOOCoPWMjio0BOK/iG+FSpASxYzo/gJWxrlh2axecEXtzPyPR9S2v74r3yanqMVXcUWlh92SQNxfi5KWibPAtKjB7jjs6OLcuyivx6qFwoBqSqgmaOKdZKU2fGR9Wl5qaQ1uel+BooxNQ/ar+dz2K+nxvs2e2NlBLCqYSk2XdEVrvauaM+AH/+CS0kUTLPD1AwcAMQpN1ETiTEA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LxhHgYBVvGYF3F0dyR56ZxaNMz/oZkHvBZiKuvN2Re0=; b=AwEMmua+rZxQAzc2XsDwM53i5R+2BklBXEmUaGiZ5ex/1wL2F/NS2tacyP3Aye+vZYGmQX75cqa/afHfdgZGx2JYmVQIJ/96mOLBLPmQ9xUriUep7mcbcwZmopetdWX3j4XmdNHFPVrOen1n+myLTB4m1QCcHNlslj9tf3nVZyxYY17fohNRUiNmeACfnP5AUXQAK1gMCDt/VZg57zpV/f1Y6ZPADacho3M6+WMo17ebt9qxFpfm/76hWcFw4oaqFsH2WQE+FRnWM42N64jCU1vSffQQzNW13sD3j9hyDpXe59b+hGLXpSEQtYmUwwly3TMTQCnRVcw8Kkyv6GzCxA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=aisec.fraunhofer.de; dmarc=pass action=none header.from=aisec.fraunhofer.de; dkim=pass header.d=aisec.fraunhofer.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fraunhofer.onmicrosoft.com; s=selector2-fraunhofer-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LxhHgYBVvGYF3F0dyR56ZxaNMz/oZkHvBZiKuvN2Re0=; b=l6omvRzsK5Jh+jMSqHJ75bv6WQsRnCGJHNFD6jfOb8j77QKtHxfLB2BhFvZhc7XeM+VBCA3dmFA9EdD3wnT57F5DnQ0zcKaJe1zfsdeS5lEBY3Yk7/uJN3EBY6EFGnBCbzGAbiEQjtRdpzT/j/mYBPbbuEapxtxmi4aaiP3Adfg=
Received: from FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d18::f66) by FR2P281MB1781.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:8d::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9203.12; Mon, 13 Oct 2025 10:57:47 +0000
Received: from FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM ([fe80::8d96:d427:50b0:8ad6]) by FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM ([fe80::8d96:d427:50b0:8ad6%3]) with mapi id 15.20.9203.009; Mon, 13 Oct 2025 10:57:47 +0000
From: "Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de>
To: "durumcrustulum@gmail.com" <durumcrustulum@gmail.com>, "uri@ll.mit.edu" <uri@ll.mit.edu>
Thread-Topic: [TLS] Re: [EXT] Re: [EXTERNAL] Re: Working Group Last Call for Post-quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3
Thread-Index: AQHcOiWue4JrfcwleEiApQ2TQGUlRbS/7B2A
Date: Mon, 13 Oct 2025 10:57:46 +0000
Message-ID: <3f2a02b66e77b648e008962493a956568e4e22a7.camel@aisec.fraunhofer.de>
References: <CAFR824wG_3h3P0cM_oe4sAA2T9si2KteZRvi3UbzC7gs6hV7hQ@mail.gmail.com> <551EC460-8C2F-4FB5-B95C-D11DCD84BB61@ll.mit.edu>
In-Reply-To: <551EC460-8C2F-4FB5-B95C-D11DCD84BB61@ll.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: FR1PPF809320EF6:EE_|FR2P281MB1781:EE_
x-ms-office365-filtering-correlation-id: 74cf8e8b-4a31-4b29-de8b-08de0a475815
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|376014|366016|1800799024|4053099003|38070700021;
x-microsoft-antispam-message-info: eZHh7te3o31D4fjK8UbPu5QqCHatXlyTceHcTkWUp1SUR4h/1NwlmlCm1UTBvnUG+5247p7WUIJFOZ5IngOCaCo3xvm+8PdZkv5fIsfhwFfVgk6nh8EB/OBy0YOMBL4uVpA0hkNS27E3BM5kniAkSmEAjvjnAFc2auyZEBFxAZ0gwWsGe+Z4wTXoQZhpMtpYwTFesdVaUOUFtSDqQNfsTF3z/Jb45Nwv9Bi0nkl+BBoYBzNGuLtLyU81FlzuSuZZVAEQVokTKsq7wgD/qIqapEjprs18yzFag4FhakKcYVQTdSrHVQn9EX6H2JszsFwcS+EAtGXAiekDF67722iBjYQHnUJrPY6/qaH5bJV9Re7kzMZzgwqPWwUdTqJg11BgEAntZe/Kg9pt3tq+kCTLIGGxzWfV9oVM21FaG0GFIdyCclNs9ZGi753Z4GzbP4PNGmoxmmQSpIpjv6OXEjSqbyjr8MF0/WotlGFbBfIiXMjgkvfkwUJtVZ1A4+gI0ocI4ZM4JoaoTt5b8aCSbzEnaHgaUxNs/qST285Hzwcp5bguhU7boSVXE7Vba7bgeomUJpIUsf7d7j43Qo8l0BhuGUSjjSpmoFEx3NKhnnZayGR5L1hkrC0AVTahkL1eYOvRO/pE2VLzIG6lC2hkU4yVdZuzLw42oPNuwPbVM+oBURJxKmJU4QVX+9hhbAZTYVabXqWWnMVYaLhfsqztH06gkOXaYW1EvdMWJmOZ9utWx3xLxaYpNbosTkTKyl0CCUYW+V1cJcv9TS+tFkamY9Gex2goDZy8IWcy0s4QnIFR2KQ5+oMd7boxy9STVNphNGtrDbK+3VlKKxkd0vPohbFpgczN4XM5GhmGm0cC4jdrQlrZf3SUtnpk4mkGuVch0+MhnODGeUsSp0cxzEXI2Pq7cLJGzhBfsW7dfg3zGombsd3Su1iJwQ3hkMqEaFxPoEwWartWgr9PoSRYt4fWeK7KQJSS1clqPMOyfqkh+mJxmBaH9d55EDBXO2EgDS+3XA5zqv+c44UE8E+Rqse6rUZvY8amUzoQnd0UiRArJPXbY3Q3DrYPzMlfGa5DBh07OCnse9v+FZeIZhpA+3Zj+vX36NQj5uBs1ZMxRTYl0dwkdHOkOmOMOn392XtfShHy/L0mhyuAaCMf0p4S9/gF9SjvXoBtEBkvvEYJH6nVHH++RJKbTvrOCvOXTtdn1nT4eyWdUFpN1452iI47WGPsajxUeqENk5hrTZskTUICPa86465SDDH1zDJy6xmy6RYD6R78CcFtJnQ80/LVo+dj12b6+xKqtjtSdhi6f8WR7KxKIMfUkWZ/xn+uW717SkJXmg2CIKv7jYQDkap5CIjJ9vbtjDRKrBPD3teNPc2wXejp753uUxxW945d/RAGDYL4yksSuk86hxJ/HQCxajLfU1fUqxJhqSxpEHW+KdSKWmDF3cnuF327/mUPoWEzbfScifMvh9X/053Q2PDhiDmuwLDVIOZX/oUBwgMQwQNT77EByOnDYm0zMVtYgeaHnKBsWFAm
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(376014)(366016)(1800799024)(4053099003)(38070700021);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: hvYZIv+d/pCaqVZkM2yO359bOdKfFNzvtvUnj//E6gBpIOQk6hOxlej50+3VKPIrY2r+oiPx5xvRUsmGuMgneoMty/3gpzt76L37E5xr8LglBMXX4NwOT3h5Po1pjSH8qGcyF9cy7tayfq6n7jS5h06FIizT0YyUOheqXv7XPlta3o60tQVT3rW3Fr/+5Xm6mT4e4lHWNH7k4R4FOr+JxVtqQZmIKWdYmXYPM1w7e+7d03A0KyZrq9ZWcbyMvi4X+9aB0xEQUafsA+Ck3ZkIdms2u1Hq3YnNRWCfZ2sFC4MapmjWppn2I4fpSqfUN+dwl+xxkFc75VTLHgBVykQMYmYCzUO20pMhkYS1yHrCDJPfGxL3D+nI3kW7hOaje7NoM/lanrP4/31PCWHCwLCYxcyMi20OpL4k51y9QIXx/UcuvV7kUoGX0GxPT56z84d740XRrvn7z51sHtWpxPIqrs2lH8U8u3vBebWPVjdyC8ffSmASY3AQasDynZz+4rK/Dq8xZbHGkkwrqOMPWNxR3qYow1UeOiS51EcgJV+G9crY7e6qQOZtzfgMO9NjGG1gto5syoi3PV0NlREaAfKCKqg04Waynl1O/5/UBixKnqwVJQJOvTSgyjgR6gEr655BvfFC+lKqlqXqNwskK7RVcKdh5+MSE4M6JqlYu6ILfV/7xLDqtwUv2d6nKd8veco/OPBTGBmRkR2kClCvUK2y6h9Noc5LTBXleyJmAgKvXnee3wpEgOkzpRdimg1mwwsqC49DB5DI63TwyRAtl0Vftk9/epiSXEqp+JK2g/bXwAz3NlkS1RLHAtlExe9eG3z/u5hGtFsLGd7Rr0gEZywr0PxXPSEVjqDpfPbJmWuYvj6+IDUahJFKoMeItNF04mCtOxg4BRpbNgNYPsrPHcYzaoG7ZiX3jH2afUxJKH0bIuAeiyvHzOqe4RLAyGk40u0wj45gPRFYRjK6fDxDtTCv1ZMNEDnHGef/JpZmP6q3EBBKWhXqXlltGuBS80uVxdT6RzR9X6ggIXxEDFRnACy+V/ZhRsEMxrf7Lb+HppWZv6BJiz2a887D0v+4uEEyM3i+LNrkvlIIyHVLxEOCQO9GuN/4FdBoQZp4t7peCHWhfanw/h7B/j/9ZGa86LW+XVRSAE/N4lRgggYvzkoqbbVnSv9KB++6wnWNfv/McPw97M3YOvrceiP3H/iNTMBRQ+Yok1Oay5epcCekxM6epsML+Gew5LngFWJ154QkLXnuc9lSMpxgR6EG6qdVoIsytYrOw5c3VIDfn/R02VBc516xPj5HnsvF4gl/2GCuHOvVDTt0J/sKx9o+Hktga1B6atLonagfjBBW3PcZvdZKYWcH39SfkQ2mRTQmkqm9m1W5p4Gk13wbTdN3k8fTHfBJJGnRlMgMFMATV31HY/OcnCaOHgHOetaKNidyBO2cDDgL0SyKPbwwVVLe/6t4u5Uk9rqIvo8aUElO9+vMPbpyv060BGCf+DhM6BE5i+CxZEN7fntE6R4RpPPsaMfqT5Jhj2vg6OsZMqTg3h/IESlFNHcp9+5ARTzEJmKAI0lVzVrWB/B3b4iYeHGnRrmHN/TZDpJzBR2KBXOM7fzv1g8ddahVZ5QUQmnX3mFaxG+e8ODXmNY=
Content-Type: multipart/signed; micalg="sha-256"; protocol="application/pkcs7-signature"; boundary="=-zrrOgLT05UU6GFQ1aZ+6"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 74cf8e8b-4a31-4b29-de8b-08de0a475815
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Oct 2025 10:57:46.9559 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f930300c-c97d-4019-be03-add650a171c4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 8wrX1XvLzTwlmnrphHGFyOQ1N629vtfpOtuYzO9OJ2cEnTm1/cl5LD8t0YV2FIKLtfYe18Yp4DX1Nigk3S11wAv9mR/bMxbwnTIZ/i88Vavsrs8+WX2UAa9VcTeDyzhj
X-MS-Exchange-Transport-CrossTenantHeadersStamped: FR2P281MB1781
X-OriginatorOrg: aisec.fraunhofer.de
Message-ID-Hash: TTBLB6FPH2AUWST45U3BMV23LEVY4DPB
X-Message-ID-Hash: TTBLB6FPH2AUWST45U3BMV23LEVY4DPB
X-MailFrom: thomas.bellebaum@aisec.fraunhofer.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "djb@cr.yp.to" <djb@cr.yp.to>, "tls@ietf.org" <tls@ietf.org>, "Andrei.Popov=40microsoft.com@dmarc.ietf.org" <Andrei.Popov=40microsoft.com@dmarc.ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: [EXT] Re: [EXTERNAL] Re: Working Group Last Call for Post-quantum Hybrid ECDHE-MLKEM Key Agreement for TLSv1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/I7ZNss4Zt76MjZziJNAQ4w-j214>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

> Yes , Hybrid is weaker because it contributes little/nothing[1] to cryptographic security and increases attack surface by adding another code base. 

Not quite. Certainly, the probability of a memory corruption bug increases, and this would be an actual threat. However, we are increasingly deploying memory safe languages. And if not, I seldomly see apps where the crypto is the one and only memory bug, or even a significant part of the attack surface.

When it comes to other kinds of attacks, a properly designed hybrid can actually be *safer* because instead of doubling the amount of wall you have to guard for your castle, you are building a second wall *behind* an existing one.
On a more technical level, the primary use of a KEM in TLS is to derive a secret key, and as long as the PQ-KEM spits out anything at all during normal program flow, whatever output this is could be treated as part of the nonce, as far as security goes. So the additional attack surface is basically nonexistent.

> [1] The only case when Hybrid helps is when both
> CRQC is not a threat

This is now for any use case not requiring confidentiality for more than a few years.
Obvious examples include the transmission of credentials like OAuth access tokens for accessing administrative APIs.
Less obvious examples include any message whose sensitivity decreases with time. This to some extend includes chat messages, regardless of whether or not they ever become worthless (which they do often not).

> **and** PQ algorithms falls to a classic attack (like SIKE).

Google KyberSlash, which is a classic attack.
That's how realistic this is.

> Thus, deploying hybrid because you want to protect your date against “harvest now, decrypt later” Quantum attack is a non-starter. And that attack is the main reason people are hustling now, rather than wait for several more years.

"Harvest now, decrypt later" plays no role in deciding between a hybrid and an all-in option.
It plays a role in whether to deploy a PQ-resistant wall. The above attacks play a role in whether or not to deploy a tried-and-tested wall which we assume may fall one day. Hence, we erect both.

v2.35.0 | Report a Bug | By Email | System Status