Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update MLKEM code points #511

Merged
merged 3 commits into from
Sep 11, 2024
Merged

update MLKEM code points #511

merged 3 commits into from
Sep 11, 2024

Conversation

baentsch
Copy link
Member

@baentsch baentsch commented Sep 7, 2024

Signed-off-by: Michael Baentsch <[email protected]>
@baentsch
Copy link
Member Author

baentsch commented Sep 7, 2024

@bhess -- didn't we agree in #351 that you'd look after this algorithm set wrt code points -- as this basically pertains to Kyber that IBM claims fame for?

If my understanding is incorrect or this no longer holds (which I could understand as the press release is done and you may consider this "mission accomplished"), please let me know and I complete this PR beyond the standardized code points with further code points/OIDs of my choice as necessitated by the change of KATs in open-quantum-safe/liboqs#1899. Otherwise, please amend this PR in completion of open-quantum-safe/liboqs#1899. Thanks for letting me know.

@bhess
Copy link
Member

bhess commented Sep 7, 2024

@baentsch: OIDs for the standards (ML-KEM, ML-DSA, SLH-DSA) are assigned by NIST, see https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration.

TLS code points for x25519_mlkem768 and p256_mlkem768 are published here: https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-01.html#name-iana-considerations.

Signed-off-by: Michael Baentsch <[email protected]>
@baentsch baentsch changed the title update X25519-MLKEM768 code point update MLKEM code points Sep 10, 2024
@baentsch
Copy link
Member Author

Thanks @bhess for the pointers. Without further activity on your side I thus assume you only keep supporting IBM Kyber and not NIST MLKEM. Your review of the PR would be welcome regardless. Now also asking Tresorit (@bencemali) and the IETF hackathon team (@johngray-dev as proxy) for their feedback as to whether (continued) use of their (e.g., BouncyCastle) OIDs is OK as well as Sandbox regarding code points (@thb-sb as proxy).

@baentsch baentsch requested review from bhess, feventura, a user and praveksharma September 10, 2024 09:01
@baentsch baentsch marked this pull request as ready for review September 10, 2024 09:02
@bencemali
Copy link
Contributor

@baentsch, it's ok

Copy link
Member

@bhess bhess left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the update @baentsch. I'll do an accompanying -tracker branch for the upcoming ML-DSA liboqs integration.

We currently don't plan to assign additional OIDs besides the standardized ones.

Is the "share reversal" for x25519_mlkem768 planned as a separate PR?

@baentsch
Copy link
Member Author

Is the "share reversal" for x25519_mlkem768 planned as a separate PR?

I certainly don't plan to include it in this PR. This is only meant to bring CI back to green.

@baentsch baentsch merged commit 8abfecd into main Sep 11, 2024
47 checks passed
@baentsch baentsch deleted the mb-changex25519mlkem768-codepoint branch September 11, 2024 10:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Implement new ML-KEM hybrid key exchange in TLS
3 participants