IETF Logo Mail Archive

[TLS] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3

"Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de> Wed, 16 April 2025 08:38 UTC

Return-Path: <thomas.bellebaum@aisec.fraunhofer.de>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id B8A181CDA8D1 for <tls@mail2.ietf.org>; Wed, 16 Apr 2025 01:38:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=aisec.fraunhofer.de header.b="o7Qwyf9u"; dkim=pass (1024-bit key) header.d=fraunhofer.onmicrosoft.com header.b="H+h1+WVa"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bo31aaavCjo1 for <tls@mail2.ietf.org>; Wed, 16 Apr 2025 01:38:12 -0700 (PDT)
Received: from mail-edgeBI195.fraunhofer.de (mail-edgebi195.fraunhofer.de [192.102.163.195]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 817CE1CDA8C3 for <tls@ietf.org>; Wed, 16 Apr 2025 01:38:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=aisec.fraunhofer.de; i=@aisec.fraunhofer.de; q=dns/txt; s=emailbd1; t=1744792692; x=1776328692; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=M4mqM36thQ8Y7TqXj9Xd64sNtK2Tn8tl6LN7ACa15wk=; b=o7Qwyf9uis+MbclLBmDXXeXUb4sr1v5LIeR3QsObwJVCgR9Y9QbxmVDs B/VF4eVnBbssOOBDXZL6BC5qWk58fMZqj0+u8/9qjCi7kDt/7436IY/UC qp3T5FTt9K9c6m88bdA4ltvoqrPV1+TiX6QpSQoW6PeVC0gKPjBLOm8F1 vYrvvuHdvuGDrBbq3IuOHKs6Nr9H/ny9wpPlxffiXP8zFElkSAhwUekdE wtjxzx1POzxiC0nrVXL4TUnw1uh4MAj4Nyy1x4/HeAf6i8JA373yhCoxt vyuGcZGlKl4eXKfaW6PRRUBavPVMUmU/cjn2Fk+ddTrStVyK0aatslXzq g==;
X-CSE-ConnectionGUID: EWUvs0tySc+tvQirEQyDGA==
X-CSE-MsgGUID: e6A6Q/8jRQCKkkHvxhumgw==
Authentication-Results: mail-edgeBI195.fraunhofer.de; dkim=pass (signature verified) header.i=@fraunhofer.onmicrosoft.com
X-IPAS-Result: A2FAAABta/9n/xwBYJlaGwEBAgIBAQUBARQBAQMDAQGCAwMBAQwBgkN9LoE2hFWRdII9AZopglADLigIBwEBAQEBAQEBAQQEATQQBAEBAwEDQ4Q9AossJzcGDgEBAQEDAQEBAQECBQEBAQEBAQEBAQEBCwEBBgECAQEBBAkCgR2FNUYBDIQCBXQwAgEBAQEBAQEBAQEBAR0CDyYMKgEBHgEEAR0GHQEBNwEECwIBCEICAgIvJQIEDhOCdYIwAw4SERQGskeBMoEBggwBAQbbJxiCPwcJCQGBPgGBV4IlgQaDTQGBWxKDDHIBOIQ/ggxDgUqCRDE+gkqBUBWDb4JpgjGBAxShRlKBFwNZLAFVExcLBwWBKUMDKjQVHCNOBTAdgXqDcoU2ghGBXAMDI4MVdRyEbIRVLU+DM4FoHUADC209NxQblWMSJoEqgSWDNYJqJEFPAscOAwQDgjWBZoZdgzGCC5VKM4VakXqTA4NylQwijWOVXoUmAgQCBAUCDwiBfYIAcYM2CUkZD44qGRaDQjPIb3gCOgIHCwEBAwmPaIF/AQE
IronPort-PHdr: A9a23:Mz7YCRVD5WSKjC9nUQshk6QGeavV8KytVDF92vMcY89mbPH6rNzra VbE7LB2jFaTANuIo/kRkefSurDtVSsa7JKIoH0OI/kuHxNQh98fggogB8CIEwv8KvvrZDY9B 8NMSBlu+HToeVMAA8v6albOpWfoqDAIEwj5NQ17K/6wHYjXjs+t0Pu19YGWaAJN11/fKbMnA g+xqFf9v9Ub07B/IKQ8wQebh3ZTYO1ZyCZJCQC4mBDg68GsuaJy6ykCntME2ot+XL/hfqM+H 4wdKQ9jHnA+5MTtuhSGdgaJ6nYGe0k9khdDAFugjlnwXsLU7i7jk7EjxCmjbfypcakEW2WS4 /k3Uzn0q307MW4l9D/zrJNZp6sC/Q2i8k8aocbeNaHWNKM9QZ3UXM1LaWpkXu1jbRReMJO4X dJMK7MQIucB84Lk+H4rpwKeQiCcWen97BBv30PR/PAk0rUYVlyXghccBMAwslbw69bONbc5Q 8m/85HLxjWcadcL9Gnby4v2bkshs+GRbOpML/XK1HYRPhv9nmSzh8+/BziRzM8I6m6UvsR8d fC+iTMCjAtbnSn16/kWpqDEwaIp7AveqXVCmdYFHt2XFGhlTeT4G84D/zHfNpFxRNslWX0to ish17ka7IayZzNZoHxG7xvWavjCfoSH7zjCDbfMZzlijW9jeLWxigz0/UXzguH/V8zhyF9Rt WIFidjDsHkRygbeotaKUPpz/0qtmH6P2gnf5/sCIBUcm7DSNpghxbA9jNwUt0HCFTXxg0L4k OmdcUBMxw==
X-Talos-CUID: 9a23:4luwJGtIKwL/TS6+0WsWRd1n6IsITUDD1y/MMnSzSnp3cbyPZGaB1IxNxp8=
X-Talos-MUID: 9a23:bp++ggjXsZZr1JpT+o8/1sMpOZlBvZ3pWEI3qL4luMqkKzxwJjKSk2Hi
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.15,215,1739833200"; d="p7s'346?scan'346,208,346";a="9791546"
Received: from mail-mtaka28.fraunhofer.de ([153.96.1.28]) by mail-edgeBI195.fraunhofer.de with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 16 Apr 2025 10:38:10 +0200
X-CSE-ConnectionGUID: 93AoSVEHQLefN6AcSHKC8w==
X-CSE-MsgGUID: pS0K6gk7TxGCxUl2fX2qcw==
IronPort-SDR: 67ff6c71_BfUcWr5R5n5Kx1V9jH6MXJZGCqyJdJOl1hFr5jWXR9pQLHb tzK+T1avTPrLEp2SAIOxBU1VqbYpiqTBnL1QwMQ==
X-IPAS-Result: A0DAAABta/9n/3+zYZlaGgEBAQEBAQEBAQEDAQEBARIBAQEBAgIBAQEBSRyBLoFyUgc+Zi6BCIRUg0wDhSyGVoIjOAGcLoJQA1YPAQMBAQEBAQQEAUQEAQGFBwKLKQInOBMBAgEBAgEBAQEDAgMBAQEBAQEBAQEBAQsBAQUBAQECAQEGBYEOE4V7AQyGWwEBAQIBEgsGHQEBFCMBBAsCAQhCAgICLwceAgQOExSCYYIwAw4SEQICAqVzAYFAAoslgTKBAYIMAQEGBATbHxiCPwcJCQGBPgGBV4IlgQaDTQGBWxKDDHIBOIQ/ggxDgUqCRDE+hBoVg2+CaYIxgQMUoUZSgRcDWSwBVRMXCwcFgSlDAyo0FRwjTgUwHYF6g3KFNoIRgVwDAyODFXUchGyEVS1PgzOBaB1AAwttPTcUG5VjEiaBKoElgzWCaiRBTwLHDgMEA4I1gWaGXYMxl1Uzl1STA4NylQwio0GFJgIEAgQFAg8BAQaBfiWBWXGDNk8DGQ+OIQkZFoNCySJFMzwCBwsBAQMJj2iBfQEB
IronPort-PHdr: A9a23:cCIg5RHL9x5tdjZURbbV2Z1Gf29NhN3EVzX9l7I53usdOq325Y/re Vff7K8w0gyBVtDB5vZNm+fa9LrtXWUQ7JrS1RJKfMlCTRYYj8URkQE6RsmDDEzwNvnxaCImW s9FUQwt5CSgPExYE9r5fQeXrGe78DgSHRvyL09yIOH0EZTVlMO5y6W5/JiABmcAhG+Te7R3f jm/sQiDjdQcg4ZpNvQUxwDSq3RFPsV6l0hvI06emQq52tao8cxG0gF9/sws7dVBVqOoT+Edd vl1HD8mOmY66YjQuB/PQBGmylAcX24VwX8qSwLFuTSmW47U6XXmttMt6XamJP30HIA4B2i5y btIEiPu2DsDaRofr0j8g5Utk6EO83fD7xYq483UOcKqCvNfYPLxffYablh7ZtljRyhzW8CYN poQDrNdNv8Hiqz3vntJhCvjDxuKK8S29hhp22H3jJR9jrV/Cj3dzjIiPfZJs0/VvP7nHa0ta eO+zPbO6WjuMdV12gnhs4jaYg0Q+c3SYqltTvT40XE/JiDrzQ+oooj/FDbM0OtcnXS7/ftiC MeIgUQYultcnAKD78prqrXv3ZhJmmudpRVCwKlpA8OUchJwNI3sAN5RrSacL4xsXoY4Tnp1v Dpv0rQdos3TlEkizZ0mw1vad/WkWtLYpBz5XfuXITB2iWgjdL/szxqx8E310uTnTYH0y1dFq CNZj8PB/m4AzR3d68WLC7N9806t1CzJ1lX75PtNPEY0kqTWMdgmxLsxnYAUqkPNAmn9n0Ces Q==
IronPort-Data: A9a23:TNd5rqno28Y1Wr+GZNWbra7o5gwHI0RdPkR7XQ2eYbSJt1+Wr1Gzt xJKUGCEMviPMzake4x0aY6/oEMO75KHzINnG1Zr/y49RFtH+JHPbTi7wugcHM8ywunrFh8PA xA2M4GYRCwMZiaC4E/ra/659CgUOZigHtLUEPTDNj16WThqQSIgjQMLs+Mii+aEu/Dga++2k Y20+pC31GONgWYubzpIsvzb8XuDgdyr0N8mlgxmDRx0lAKG/5UlJMp3Db28KXL+Xr5VEoaSL 87fzKu093/u5BwkDNWoiN7TKiXmlZaLYGBiIlIPM0STqkAqSh4ai87XB9JAAatjsAhlqvgqo Dl7WT5cfi9yVkHEsLx1vxC1iEiSN4UekFPMCSDXXcB+UyQqflO0q8iCAn3aMqVJoc9wOl9j1 cU8JT4rMDmIvMKV6+KkH7wEasQLdKEHPasEv214izzJBvZgT4rKXqPK4tFVxnE8i6iiH96HO pFfOGUpNUuRJUQVZT/7C7pm9AusrmX/dDhRsxSfqK4z7mLa0QlZ2bn2PdGTdMaDWMNVmUiVv CTK8gwVBzlBb4DEkmPYrRpAgMfXpnvYBo0RS4Go2dV6vVnJyFxJERYJAA7TTf6RzxTWt8hkA 0Yd4QIlqa8v+EKvR8PwGRa/pRaspQIRQ9pdFas04RuXx67Qyw2CQHQPQnhAZbQOqMstbT0ny lHPmMnmbRR1q7SRWyfBrr6XpDa7OG4eKmoqaSoNVwBD4tT/rsc0lB2nczp4OPfo1ZikRnSpn GHP9XJhwasWy8VN2b+y4FbHhDyhvN7FQ2bZ+znqY45s1SsgDKaNaZah9F7b6vhNNsCeSFyAt 2IDgM+Q8KYFCpTlqcBHaLll8GiBvq7aYG/vkhR0EoM/9j+g3XemcMoCqHt9PUpleIJMMzPgf EaZ60sb6Y5xLUmaS/Z9Q7uwLMA2konmN9DuDc7PYvR0P5NeSQ6g/QNVX3C24VzDqkYXvJsEC c+pSvr0VXc+IoZ7/QWyXNYYgOMKxDhh5Gb9RqLb7hWA0JjGbVHEVYY1FUa/a94i5oy6oTTlz cpmGOWSwE9hUsn7UDjmwbAOJH9bKEoLJI3EhPFWUsWhIQNWPn4rJNGM4LEmerVgob9fudnJz 0GDRmtz4mf2qizbGDWva35Yd7LkW6hkn087JSABOVWJ2WApR4Sk/IMzVsIQU+E81epByfVUc aE0S/+YCK4SdgWdqiUvU5btiadDKjKpvFuqFAi4amEde5VAeVT4yuX8dFGyyBhUXzuFjupgk biOzQiBfIEiQT5lB8PoaP6C6VO9kHweueBqVXvzPdhhVxTwwbduNhDOoKc7E+MUJTXH4wmq5 QKcLBMbhOvK+qse0t3Cg4KapIaITcp6OGdnHFfg0LXnDhmCo1KfwrJBXt2YIhHbdmf/o5u5a ctvkvrTDfwgnXRxibRaLYpF96wE2obQl+do9Tg8RHTvRHa3O4xkOUiDjJVutLUS57p3ujmWe 0Oo+/sCMJrYJPLVNUMgITQ+ZMu91MAkpCXrwtotKx/E5gtyzqu2YXtPNjbdjR5tDaZHH74k5 cwDu8cmzRO1pTR3E9SBjwFSr3+tKF5ZWYoZl5gqOq3ZoSt19UNzOrnnFT7Q3JGDT/5uI3saC GaYq4SajosN23eYVWQ4EEb8+NZ0hLMMiUhs90ADLVHYoej1rKY78zMJ+AtmUzkP6AtM1t9yH W1ZN0dVA6Gq1BUwjehhW1GcIS1wNCe7yGfQlWRQzHb4SnO2XFPjNGc+YOaB3H4I+lJmIwR0w uuq93bHYx3LIufKwSoAaWx0oafCTPtw1DH4tuKJIsCnJ6Q+MB3Z2vKARGxQsBb2I9IDtGuer 8lQwetAQ6naNykRnq4FN7enxYkgEBCqGEESQNVK3r84ImXHSTTjhRmMMx+Qf+1OFdzr8Gi5K d5kFvhQcxGAiBfUoS0pA4wML4Apm/Rz1t4Je+7oF1UnqJqalCJi67jLxxj9hUgqYtRgqtk8I YXvbAC/EnScqH9Xum3Vpu9GMXqcTfhdQyOkx8Gz0uECN6xbgdFWaUtoj4eF5SSEAjVo7ze/n V3lZZaP68dA1I41vY/nMpsbNjWOMdmpCdi5qlGige9vM+HKH9zF7T4Oi1/dOA9TA7sddvJ3m ZmJs//1xEn1h6k3YU+Ih6i+E7R12uvqUNp1Ks7XKFxorRmGUuLo4DoB/DmcAr5Nm9V/+MKmZ lWZbO2dSN0rYOpelUZlM3VmLxUgCqrJN/aq4Wv3qvmXERES3DDWNN7tpzejcWhfcTROIJHkT BP9v/G1/N1DsYBQH1k+Cup7B4NjakrWMUf8mwYdaRHDZoVwvm6/hw==
IronPort-HdrOrdr: A9a23://T5o6u9Syz1a0v04FN7+TUA7skDftV00zEX/kB9WHVpm62j+v xG+c5xvyMc5wxhO03I5urwXZVoLUmyyXcX2/hyAV7BZmnbUQKTRelfBODZogEIdReRygbGvZ 0NT0F2MqyVMWRH
X-Talos-CUID: 9a23:SXck22+dkuatj5zmV0KVvx9PM8ceTFD99VPdLWnmIG1SaJ6+GUDFrQ==
X-Talos-MUID: 9a23:pE8jqgq/BBQywwMeEFoezylZbOQ27KfxNFAiuoU7v5OKBXZpMCjI2Q==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.15,215,1739833200"; d="p7s'346?scan'346,208,346";a="33433157"
Received: from 153-97-179-127.vm.c.fraunhofer.de (HELO smtp.exch.fraunhofer.de) ([153.97.179.127]) by mail-mtaKA28.fraunhofer.de with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Apr 2025 10:38:09 +0200
Received: from XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) by XCH-HYBRID-03.ads.fraunhofer.de (10.225.9.57) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.11; Wed, 16 Apr 2025 10:38:09 +0200
Received: from BEUP281CU002.outbound.protection.outlook.com (40.93.77.5) by XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.11 via Frontend Transport; Wed, 16 Apr 2025 10:38:09 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ch1+lDCOeLn9rhae0hccaQRF70SAiDomBoA31EFjCZsoLNpTVyUOM6wmYw+HGHIuI+CLnrhWtcyGDEuOAaSPzes0MhTVuz7rDhYrDFyNyeYrzFkvWXmT72Ej5IRxsQetOLrHflrGctv+GKvJbQDDhcHGEPZcGhE/+TM172ab/9jDX7Nn8ywYFiSMyJ15SitMTcqpJC3GSA0/EzKbjeJVlHjls4Ym1/sEcuB7tMoptbdjZNk0RjADVy1z6SEYFigi11wbb/1Xyp+I96MTJ0WPkzhM7mQPPzaY0VaiuFjPI/Rc0x9DjRIvW+6eqCceYDRjIxt5V/KXrVl4q0+toMbuzA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=M4mqM36thQ8Y7TqXj9Xd64sNtK2Tn8tl6LN7ACa15wk=; b=FQ4tvpEZ8SREvKZjppz2rfvVHqHtPYlyYGKjiqryhVBmA5haCi6y9FsKylenwkDf8JaOcWfMOrfA/JcPjDlkjd9oSsAEH5X1IXAQ0+i/0MQMFHulNtnUs+OK06EGbo+ITy2Ih540WHl3LPGfS6rIHIZpxriBrNdKPV8/qeTo/dAZvtn2TnyecRoJ/6rTNxh0xWfaMXyvT5azZOoma3Xqy8nBD6PSoG5Yixlih7gNqt2uzVNqtE1GlLZNrunjRkZr4bPTVfbz7JP0CaLvjc//iG9bz+YfmEifP7Q0c2yKr7F3K2cEnXlcTKqlLOOp7OJ1EtG4DTdnthOGnYDguCAptA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=aisec.fraunhofer.de; dmarc=pass action=none header.from=aisec.fraunhofer.de; dkim=pass header.d=aisec.fraunhofer.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fraunhofer.onmicrosoft.com; s=selector2-fraunhofer-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=M4mqM36thQ8Y7TqXj9Xd64sNtK2Tn8tl6LN7ACa15wk=; b=H+h1+WVaIv9DhMhCZRPwZxlZ1+L1ywi14cq7MMbqH/AX5bzNGO1TOI5vi9Q/596sTszVjJL/kSixCzAbWPkch7nL5E6NKkVt3hzxuY0T6WsuWVApPxYKF+2PclrCm1ng9FtHzyj5MObBWy2EVRDAe/HTN3r48S18XShG4NvDR4c=
Received: from FR2PPF505246CBE.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d18:2::33) by FRYP281MB0191.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:8::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8632.36; Wed, 16 Apr 2025 08:38:08 +0000
Received: from FR2PPF505246CBE.DEUP281.PROD.OUTLOOK.COM ([fe80::fd57:1fc0:bd10:c142]) by FR2PPF505246CBE.DEUP281.PROD.OUTLOOK.COM ([fe80::fd57:1fc0:bd10:c142%3]) with mapi id 15.20.8655.022; Wed, 16 Apr 2025 08:38:08 +0000
From: "Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de>
To: "bas@cloudflare.com" <bas@cloudflare.com>
Thread-Topic: [TLS] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3
Thread-Index: AQHbrPJBV3/74HL8TkOCNQdviQ3EgLOlWuuAgAAIB4CAACfpAIAAA5sAgAACX4CAAGPngIAAAmKAgAAEvQA=
Date: Wed, 16 Apr 2025 08:38:07 +0000
Message-ID: <cdd62ba475366ee7cab4397ab377b3fccbcb430a.camel@aisec.fraunhofer.de>
References: <582917A1-F936-4A15-AE9D-342076605BE7@sn3rd.com> <F347DA21-EB06-4FBF-B357-871A0FFA8DB1@sn3rd.com> <Z/7lbXqb8QHruMS2@akamai.com> <05bd6aa6-4b41-4bdc-8875-d380924031cf@cs.tcd.ie> <IA1PR17MB6421EBF2FDA5B4395C92D6D3CDBD2@IA1PR17MB6421.namprd17.prod.outlook.com> <73c3de1d-a9ee-43ee-8a71-ac1fe28ca467@cs.tcd.ie> <IA1PR17MB6421FCBACFA92AF01342D2FDCDBD2@IA1PR17MB6421.namprd17.prod.outlook.com> <c19d4aab928747fc3e702bdad7bf22ddf120ff9f.camel@aisec.fraunhofer.de> <CAMjbhoWMz180cGYrOM8S+KUkEP34rxCVtcw59hMW+vZv-FgCqw@mail.gmail.com>
In-Reply-To: <CAMjbhoWMz180cGYrOM8S+KUkEP34rxCVtcw59hMW+vZv-FgCqw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: FR2PPF505246CBE:EE_|FRYP281MB0191:EE_
x-ms-office365-filtering-correlation-id: 9ead6759-5c6b-4699-11c7-08dd7cc2036e
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|1800799024|376014|4053099003|38070700018;
x-microsoft-antispam-message-info: 4AKQOY43z9nNbzVtmlDcY0IfP5Pl59HJipXjtVdZe+kuuxNp1D6luVgFGjDeXcdaJOtVOQskSKD2WJVlwd0kMRgDDhxmmUg+MCG38UkCCOq3RTI9cz749+FzKo6aPs5lL6ErSeV/XSjetfhhsb/HMr735ckiZg1g0DKP1Le+aC7JxEqpc1uVPCo7eW4JacvHvynSiXLKrAQUiSfgVhtbZOQQYS9EA4pLrpZJWUTwTtEs3FMfBjhx39l9rAyYjCnO4Lv6stN0lHmcUJTU1jrV8tBEEv6FhIgGSGzHLU2x1Sj1HOK+1tU8tnHVVP3nYPkBNZWhiJ+Na8tBRl5IvbopLvlixA4vf6zxfNpWaywPC2cOf5jMijNbhzv07NdL2ZPkDqUT+xy2PnyNa56+R0tExSuc8qseYkAVQF/Wk42h9U6SSPUz/J/lGTZr1HTFWcx0UN0yT3V44s6zZHVbzn1npCu8O9itYmfuQV8NGu4y7rSgh5LV6EsMtIQX/R+CqIVbzm0R5E5v4bxnxXVNURnEG9D71QqBYr7Djd8w4QK/4HJU/SC+0SaiWcvP2J8swHBZ59bKm5LRfh0VkWcbV9UBKAtmhuYsXGKhm8MWaxE/xCJLCyKxh5cpXqWI8UBKZx57BP7BWjAfQwdLQNADnF2ClXJaPhx3Hur0sEnWOShbrTvrAzhFEPqhNp0echLHAofuua23oXqy6j0dgTlIlkbQ6F4S/DCQPauTOZ1DsQuHi7WUW60+E0QYtgP8x9n3XZbTb5oVrjBz/C8+IjlB/s48H0wrO5OnayHGC6IK459TxH7bVA4sFJ1hBBPWfgrHLp34tIP0dc53ZjBf5yCXLM2o5wPpWVwEG/frm+wL+9C4uRCM6FH/uRyBSDjMu4LLeS1BUsK6ng04/etOKVOcX832q0T8/RWFni2Qus9kf0G6Gg5sTAksfA9JqzSeJC3uTMWUbmPd9IR3CFGJoZ17URI8h5nB+PH4/YwQCPSu+OwO8fVGPDQYG+SlL1RO8VwrIjjM1A+IWcXNvRdqrJt1XgB+lZx8tHdWfR6NwqVIC960KmTe4lmXQoCxZ4+d5BD4g12kAY6+9uhheipbBFfst+6FbatWPKwIWxNFrV3DF6LEPKp5cqbbxRrC7wtHO4AVJsWVkEjvkCFy5rw8A8hHeWQ4/1u6glx39pqXB+pNpfD5GRUHilXCrDe6DZM1YhEEpJ//y6TwMGFLI7f1glHs3Wyf6HiTYRVwwBz3SvmYuyiKPCsOgPOXL7LgEGD4VN8EKzFNWxUNNICcB7lFwlYjn2vXoEsv+H4B0t5bOJJGMY4Vp3hJSf9UIqsMCd1j37Mg/z4O2Zht1O/Cj2WS0RerK6ZveFyOF2hiHwCS61yX5pWMQ82hAscrpxM1Ur4p6w0SxZtbn9zm9mXMKGtgf5YxhPfmK33iyEurt+3Tiixsxrh28VDriYsHpoVpJU5IIXsYO0YOh8iRf9clZZShLlgyCc7RuwoNo6BM6b84bF4jYS/AVM8=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:FR2PPF505246CBE.DEUP281.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014)(4053099003)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: ZjOtYCckR9LB3FAzE0I0b1xylcQHJDlUIJpxPkmt3BoSniG0owCoqp2T11aQSKzsdPDMj/erbHQi7sE1VN8SyNAyGMy/IUFD8TVB25uhYqI0jHymh+VVEYnLAT5M3CNFxdTWF1SDrVS7bFfHo7+Grzkk36pNiTL3xIxGpfVAR8EAHY3/0h+2Uj/tL4S0YYx0sCI2JUGu3MHFGYIgDLRatc4PQZZA9uxs19ALSWDus+DP7ajssHlupi/+sQjAUV5XalBwOBPBBmsJaLV9lzoyfVqvIF2zflvqCibAW+dqR/SUaNIkLCpS86omTaEcUU78CxaGyDCGbPsU6xumkmVuVkxymBdKzth0b/phnelK8D3UGLhxHI+O+e3xbImbAJSYXA7bjOXLIiOA5iaDEATgW98blFsFDqnskxCtQYk2ov+IVBBO3uVoixJxfUwcXRjEU+Z8o2/5IfUIeqF6NlkYYqfaphHz4IPVUPUezUiYeDD3P6iTFzv3hZEVm/aTF+tXDESZz9kgqrOzuH8Jo3fN5+mQSNvOKIc1kTuZI+bI7PpIAHsC63Xx1kMdBPh3LuJxAopjM8u6ASGsX0xbm4N71VQNc6f77Rc4gZxC0CRLCrbmDlFb1Zp2I0qOrkx3m2o/JE9bg+dRNuBgNlWgXwQsUQxUddqZvKPP+bov7jjCozwYSnezUi9LVQcPa7LTJT9FsRk+OI/jf0jCPbjtqYJebH7mV3iTdTgGxW7QukoRjrkOjKTHNyAXn9S42H/5nZLlEa+hsvlzzcZzwUBIH8igJanBUN5TelSl2b7yMMG3Qbkq4dWRN3rBceBdOm6wRbM7dWXKYbMdMO5MyiZPpQqNGpAA+XFjsIK+4xk7VqAup0Dj/Ao9S4ThSkCEitlFNVNQpjKPkU5JyTpdwEj49Fh6zuxLNAGwSjD/m2wju8yQizVVCokGJAF8Mgn3EabbzTsplHR2kn9gHfZshPOfEhGCnyI7Sinq0MsW0bYtWGIJhEVfx9Uk4cVT28oY5g82ExT57ZGect4PjClDR57xXd8eMJPYxeT2wSH7UDs3jJImYivq/dkqE5ZvpJC9/eHzNyd79BC4i8zyCpef/Rn+yRVDIDD6DqloTRf9q12c+yJSilzAJ2IOjdP6DgdGDMPn6Jjz3+T2rsQPA1SSl6DWntKWZxEQAa5lqcodBsgDdxyUF9b4va9gEvYdOsp/QuwnUEfOsptjhWkk3ylE61lhS/ysCdfs5m6zLT0yY5Pg/kMEPezj6EUu6dinT6eBT0kaEt4xUND5H1r13ZXRDs27a9bqUCa5MvNsi7HslzEidUZZ0osPhPL9vkplx29I034wSPzcInq6MfM3nZeJstxZRrkaqeNIxgDG6MX23Hy36hZir8COLYk6cuQlaIWRag7iacBcxzbESY3gbq4GyjVNbnO4xjsvB6g/jwc+cJDnOvcBhytleiOgN2yJU7eDSGJBFmQVtxXq7uaHP1BDGuX3+S0CJSaQ2hubnb1SAk3OUO24ntSEC6aaFsRAoI01I42HVPAubk+4M5mj+RA87bsjTse4+51P8XqFICB7OxSIWMNEHKTOJLRQUvAPsTsnNGrH423kjAfQ6nNvGRKdfcXM+0rQShImVZ8NKWEmjAHxcxKrQ1s=
Content-Type: multipart/signed; micalg="sha-256"; protocol="application/pkcs7-signature"; boundary="=-ZzHke5shX9HKJmWdbVsT"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: FR2PPF505246CBE.DEUP281.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 9ead6759-5c6b-4699-11c7-08dd7cc2036e
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Apr 2025 08:38:07.9175 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f930300c-c97d-4019-be03-add650a171c4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: /0BOTUPgpRRYGMpky+z9Jxd/C+iHov8WCD35oh7RboT1ZZ8b7lYs77OiycTZ+MSwccH11O30aOEqCR0VBg+EHc7xDzBFvJF2/e8pNzfQ6TyIj4bnreaRNSUtMFycuNC5
X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRYP281MB0191
X-OriginatorOrg: aisec.fraunhofer.de
Message-ID-Hash: JXNNW53PRU5IUB7WBPAW4K2ALTOZP3JB
X-Message-ID-Hash: JXNNW53PRU5IUB7WBPAW4K2ALTOZP3JB
X-MailFrom: thomas.bellebaum@aisec.fraunhofer.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "tls@ietf.org" <tls@ietf.org>, "rsalz=40akamai.com@dmarc.ietf.org" <rsalz=40akamai.com@dmarc.ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Adoption Call for ML-KEM Post-Quantum Key Agreement for TLS 1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/yJmyKydzsMpxgrHqS0wklSJtU70>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

> This is misleading. There are many implementations of Kyber that require  
> much less memory. See eg [1] from 2019 where Kyber-512 only requires 2736  
> bytes.

Thank you. Somehow I missed this, although the use of a reference implementation seemed suspicious.

> By the way, for key agreement, between keygen and decapsulation, a client  
> only needs to keep around the private key seed (64 bytes).

This actually emphasizes the point.
For any ML-KEM capable device, we are still talking about a minimum RAM of at least two KB (ignoring significant future optimizations). Moreover, much of that memory is unused outside of ML-KEM operations.
Then:

1. The unused memory should suffice to perform X25519, and therefore
2. Limited RAM is quite unlikely to be the bottleneck when choosing between ML-KEM and a hybrid.

-- TBB

v2.30.2 | Report a Bug | By Email | System Status