[TLS] Re: [EXT] Re: draft-kwiatkowski-tls-ecdhe-mlkem and P-384

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Mon, 09 September 2024 13:15 UTC

Return-Path: <prvs=1982bd0661=uri@ll.mit.edu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25179C14F61B; Mon, 9 Sep 2024 06:15:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.097
X-Spam-Level:
X-Spam-Status: No, score=-4.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, TRACKER_ID=0.1, T_KAM_HTML_FONT_INVALID=0.01, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ktv6CJlCEBMb; Mon, 9 Sep 2024 06:15:00 -0700 (PDT)
Received: from MX2.LL.MIT.EDU (mx2.ll.mit.edu [129.55.12.51]) by ietfa.amsl.com (Postfix) with ESMTP id E6B4FC14F616; Mon, 9 Sep 2024 06:14:59 -0700 (PDT)
Received: from LLEX2019-03.mitll.ad.local ([172.25.4.99]) by MX2.LL.MIT.EDU (8.18.1.2/8.18.1.2) with ESMTPS id 489DCWNt229922 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Mon, 9 Sep 2024 09:12:57 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=Pd9F/NjMGqhZkbNJX41ncgSIkePE7ZSaqk9n4y3LzalW9/kI/N3yrAXEoytsbTIqgMTVcr8RLC3S04TWb4yA0sYN2bpQYhlnp/aiGAJXNeNTdlv3Rj4u/gRRKbgn7PNTz0uOnrTLC4g0WW+qKkmLtqrz2fIJ3ExaAEChEyYcqTsDEeps7zqkGjGywdp6XZWT6JhF7A4AgMnXcpHe1ITdRbSg7xw/OgcM/k26sxC2zHoP2TIRA7B800e5a8LaSN3hS6LZip+ik3N7w70lHykEBb4Pu6g7tKLjNNNhjqInjwPl7e1T68ZlmQjzFYA0kCuyuOgG8kJSfhZFG6oVAP5lJw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=55ecCcbt8Hvi4NP1GiK8poO0+MKX6vJ6gpSyLvge20E=; b=SAuPGSwNtmPs9RBmBOduytjMMI3dbpE0roCvjYYK3lwpxmvgdAWEy+92e2sMyOOfnvgvuHiJ2JsGjaKREyMc0APnLMhKfA+15MvjXjxlt2VAiteDy5+fH6U4UnVHfEVhnLYivYLSuZuuxN4w7b0gZ5RnW6JaT9Zd7d/OCwmUP7nbU/VHkZjR1j3mNopnKBAz75rL61Sez5RS39G8t0WA8uADHhd/cqUdCty0dMMkZ7fMOW6yyO8FSWkBzCTos8nO+m4qCI6zA0JUINXj7uSOZ7Tn3X6AT7+nBjZBFMFpnoo7sx+zYjaUPGokKqz9mumH0vnjaA1j3gSAtWStO/FLpg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Bas Westerbaan <bas=40cloudflare.com@dmarc.ietf.org>, Alicja Kario <hkario@redhat.com>
Thread-Topic: [EXT] [TLS] Re: draft-kwiatkowski-tls-ecdhe-mlkem and P-384
Thread-Index: AQHbAkwRZm28ekO3p0Gj4wLqGCBGvLJPa3sAgAADAYCAAADv0Q==
Date: Mon, 09 Sep 2024 13:14:40 +0000
Message-ID: <BN0P110MB1419D9E01E25693B301CA88A9099A@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM>
References: <def1e084-759e-471c-831f-2a40c7d40209@redhat.com> <679c304083b546d69b630fa81b3d87b7@amongbytes.com> <326f4b2d-1d85-4335-84c5-29f28468995f@redhat.com> <CAMjbhoVOt4ys3mXdXzYNM_+7xkVF7OuDYYfciSGUEnKkhLj49Q@mail.gmail.com>
In-Reply-To: <CAMjbhoVOt4ys3mXdXzYNM_+7xkVF7OuDYYfciSGUEnKkhLj49Q@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN0P110MB1419:EE_|BN0P110MB1514:EE_
x-ms-office365-filtering-correlation-id: a85efd8f-5f39-4893-83c3-08dcd0d15d1a
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;ARA:13230040|4022899009|1800799024|366016|38070700018;
x-microsoft-antispam-message-info: IoHsZZALBT3L9jwdLExO6qT7RuryLZl2nvFdQeqe1I2uoW6I+LgytpBNHUnPEeVb6/fDfwC75QLHQaShpSTyu+ghqy6+rdejlbKAksmUk5QMq5ysl9bKI05MfXbyyLt+I+CbmS8Wdy5tNKUYkGvdbDBjNr8inrj0FoMMPy/ELb3DKKeVVar4962f9M/aTVWlOrT3Nhabz0RBSOnsPfhmn5hzNT7cpvHlwqtcwfnUcRLI1SDi2WTeB0ce1dO5RWg0+CS7paRluKOFEUCLi9wDrdIl3g+99mwr1eKfqWvQ+/SbJR7cHqRRE+x8ZeNWO4wnZaWbY/m7J9/466+8ohBs+4PJA0WBp5p9QINzypL0dhf9kq66dPN2erSmodOoqYTbAKIMYNDYaZxfAjMEUDRR5K4b/s8/mTurNLD5iNix78LqaBYSpDB83KSL6uiQw0yVqiLCfsfa/ijiELyTaCz+WUOylmtIqOKeUdwUiseoUkk3LDKRwkbESfbUpX4q/jQcvYpZj5ENtoWHf11gLPZAHgTUZ8qO/LVh+1oq1n9vAuzYiUx7lir8GaHQBqaGSSSXCf0YtLd9jLrqEqXaGiNqKtl7ZlAlnV0LIxJ9lgnkhShhdLQZezwugsERUmmsZEMFUWc6FtPS2hRQGRpGChsKTUQMlskKwl9L9adxhYwi0evhSZ6gZYb12csruOSzrHjFRKOD7TPQsrhK94iR52HoM8Q8ANELFFCoLYzkhd7Zzm1W4G2FBvLKaxrMOFg7enGJoU3XRcDTGtIz9I2izYPL/twrFMuabqxcwnA+s++kYf8lliU8sUnG4GeTIChObTy9BVr73ckckMe9zTv61clxowvjm11+1ZhuZDuH1TnDRVniccNbf5lqCGo8W5UEVpENQNHotKZWua3rTaLHba4KlsJaCHkzRFwpsfQA5PA91EWOq5ocm6dNwVexQeuXS6LBbjasI1X2iYDCNEpAtIbsGd1KS/ooZaaAtJtFuDzI60My9vHolOcETY4UWS4ErKRIgyr6X86AcU/I12ifC8i0RluMmscLyYWl03nuJvhhRwbQ1te34K0WLPrjIKi/88a+gkfBVs/UHl021RMLw/brO/J02tT6r1lIZb/HNYFURjkoG0Wb1EGaLl3P5zvWZsoU9aHwbTX4gvRHnZQc9ozO46EymC/BtrxuyYNHOxNmaVAhJzlNbaRKN1owrsVh+KOJFdavk1LFc+tyzvdXO8IAgSy0cbAxNUwzHL7UV3QKylRpCokamBx1cc4+kOFzBVACeAVm1Ibbn/P12m95fzo9npzvCJ3N8qyJNBDXZJm6QyjGm7jZReRq0RGTZmrI/1xUcUCC/lh80FYubMe1qMj8RA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(4022899009)(1800799024)(366016)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: lmzelmuAHoM9FBkevoLtouDMItKGS97Qxtv+tfpeJPRKJVdBgK7TGzSFNvd5H20YXy2J83UBEzVgyeqyMHsaFHywbQmbU1mIOviVU8GT91bojYtIb5kjhpZHitGyMAr6qFt9i5pXDH8znbfQiR8QH0fN4Y90/YIsnhDBLTlnXHV5cUYPKvtbUikQp8imfua/MHmxys5GQv+rxjf0uZ/5Jv2ofrHKxPjEtcGTjDBj1AhruAq7DEGGwWHaEYdT/sB250DxcPXWZm5Ur4oRJtDb59lOAPo6L3NWsaWFs7Ia2rbx3EghhlaycP4TGroohcV7oSLtAZmmgfk2fiaodM8F5JmyW6EdEQkRavgH5RZLpcvDtpHewzYd0JLjAOi5Kws/LHu00OsJ85kEdDS12DYlrbvrDXz8C88Izah1ZlupIzZARB8FA8uWIRIBQMRg7IMnl6cC0ZtBHi3UQ7ykDYLhZ+QSV+HAMURvItDVNY15Az/S17DaOvdcAvFlmUTyBxypT6dQcfJoHhA3wbTEcyw0ZlA9TyfW699XvsnIPXEAsJMgzLaHe09d4zCDjUn6DXas6D8ffjS8mGvdPEw21+tACVRmVkAhBHG+hEfCkh866eyU0SrKekewQYUW+W2h4Yf8cs5veLHdaTx5WTcc+vUIzFYTZoaghP1cdolYAIMVxaF3Zt1vcvmzfbKUmY4MuqEyADafsGL63OTU4rjHDMUBFQFuMsp1Ruc9K+nI3n0afHEsrn+8XKWI9UOIqKGyRhn+3V5neaqI1hBGPQRPCcztR7fLNhtCGQARDOT0uR8uafgVRq2yKi2dndPvtQS8HJXvc7uMdp0L++TylSkZkc9KXSd5GKEmqFj0zUrboED+jma24rD/fogAi2C0Vp/693hpEsJ+d+MRvPUo7KXNAMMLKW7lmNpNiQG7TyRjSL2dvtWun9Dpaz8r56rPZde/MPuJqV4ahCG+E1QfKDMzEDrrhx4ospHIbX1+8KwJI8bQhWA0p/dp22rERJBke7D2DY2qGLA10VztaKKU+Z2/UN+lUpM6XZB4OzYrFZzO9xdHMj/7PC4olG4LOem0kUICnFgUIKszA2Nvx/30S3CWaqdWoajybamTbHGVXyp8pFSkBhb4czqx44VjrJ80WUQSENe3rN1eFKlJ0COcxYV5I2/QkvFT+AWNDs1xO5pqXkfK3a2R8uXPRJzuCgQYgeNJnijkn0Zr4S7Jv4Qz5DzKXVYqI/mWXsgtdoQx5tGf/uNTMhdmk9R+Y5AS2Ih206Sdg7ET1aHvPlSEU64qthjh6ltsOBsVfpHfgPOqnAF7lSAeJQBBh2GFqpGRZ+loNOUgrFn6RtwC5zs1nSyX5w3Asls1CY7zo+EMZya3fgY1tq7eZdskeEwEkQgXpb/laHuXqeFQd3nlr+KHbXelFNgyYtch2Tl35s+FL+/+8yVaNDua/brr4txtq1/9gDpjC0owwlxjfJ5WHLjqj+l3puB0Ve+sj5Us4kobX6u4nsjhqX/0HVmy5Jv2y+mKSAR8wdrhBrGf
Content-Type: multipart/alternative; boundary="_000_BN0P110MB1419D9E01E25693B301CA88A9099ABN0P110MB1419NAMP_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: a85efd8f-5f39-4893-83c3-08dcd0d15d1a
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Sep 2024 13:14:40.8392 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN0P110MB1514
X-Proofpoint-GUID: hXwoWY6kuhyAsHWrVInD4vTdb8mNgzAd
X-Proofpoint-ORIG-GUID: hXwoWY6kuhyAsHWrVInD4vTdb8mNgzAd
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.60.29 definitions=2024-09-09_06,2024-09-09_01,2024-09-02_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 mlxscore=0 mlxlogscore=999 phishscore=0 bulkscore=0 suspectscore=0 adultscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2408220000 definitions=main-2409090107
Message-ID-Hash: MVFPF64SDQUXVTQ32TYUVKI2RLYFMICP
X-Message-ID-Hash: MVFPF64SDQUXVTQ32TYUVKI2RLYFMICP
X-MailFrom: prvs=1982bd0661=uri@ll.mit.edu
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS] Re: [EXT] Re: draft-kwiatkowski-tls-ecdhe-mlkem and P-384
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/NGCig1g3cjMbcHPlOajbfzX3BHk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

As far as I’m concerned – no need: P384 (or no ECC at all, aka – no hybrid) would suffice.

TNX
--
V/R,
Uri

There are two ways to design a system. One is to make it so simple there are obviously no deficiencies.
The other is to make it so complex there are no obvious deficiencies.
                                                                                                                                        C. A. R. Hoare

I was a shepherd to fools
Causelessly bold or afraid.
They would not abide by my rules.
Yet they escaped. For I stayed.
                                    R. Kipling “Epitaphs of the War. Convoy Escort”


From: Bas Westerbaan <bas=40cloudflare.com@dmarc.ietf.org>
Date: Monday, September 9, 2024 at 09:12
To: Alicja Kario <hkario@redhat.com>
Cc: tls@ietf.org <tls@ietf.org>
Subject: [EXT] [TLS] Re: draft-kwiatkowski-tls-ecdhe-mlkem and P-384
Did anyone ask for X448? On Mon, Sep 9, 2024 at 3: 00 PM Alicja Kario <hkario@ redhat. com> wrote: On Monday, 9 September 2024 02: 04: 48 CEST, kris wrote: > Hello, > > I'm sorry, possibly I've missed some emails. > If there
ZjQcmQRYFpfptBannerStart
This Message Is From an External Sender
This message came from outside the Laboratory.

ZjQcmQRYFpfptBannerEnd
Did anyone ask for X448?

On Mon, Sep 9, 2024 at 3:00 PM Alicja Kario <hkario@redhat.com<mailto:hkario@redhat.com>> wrote:
On Monday, 9 September 2024 02:04:48 CEST, kris wrote:
> Hello,
>
> I'm sorry, possibly I've missed some emails.
> If there is an interest I propose we add it to existing draft,
> publish version -03 and request a code point.
> The repo is here:
> https://github.com/post-quantum-cryptography/draft-kwiatkowski-tls-ecdhe-mlkem
>
> Feel free to open PR

done:
https://github.com/post-quantum-cryptography/draft-kwiatkowski-tls-ecdhe-mlkem/pull/22

> Cheers,
> Kris
> From: Alicja Kario <hkario@redhat.com<mailto:hkario@redhat.com>>
> Sent: Saturday, September 7, 2024 12:39:30 AM
> To: kris; tls@ietf.org<mailto:tls@ietf.org>
> Subject: draft-kwiatkowski-tls-ecdhe-mlkem and P-384
>
> Hello,
>
> What's the situation with other groups for TLS 1.3?
> Specifically, are there any plans to specify SecP384r1MLKEM1024?
>
> As mentioned in multiple emails already, high security system
> already have a strict requirement to use P-384 curve exclusively.
> Similarly, for post-quantum resistance they will be required
> to use ML-KEM-1024.
>
> Will you add it to the draft, or should we start work on a
> separate one that defines those hybrid algorithms?

--
Regards,
Alicja (nee Hubert) Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com<http://www.cz.redhat.com>
Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic

_______________________________________________
TLS mailing list -- tls@ietf.org<mailto:tls@ietf.org>
To unsubscribe send an email to tls-leave@ietf.org<mailto:tls-leave@ietf.org>