Thanks Brendan, Definite confirmation to rev the draft and get it in line with the NIST draft as soon as that is out.
Can I count on your eyes on the draft once I get an updated version out? Mike Prorock On Thu, Jul 25, 2024 at 4:59 PM Brendan Moran <[email protected]> wrote: > I want to voice my support for draft-ietf-cose-falcon. > > To give some context, constrained devices currently are limited to > ECDSA, EDDSA, or HSS-LMS. For those deploying devices with PQC > support, there is only one option: HSS-LMS. This presents a big > problem: HSS-LMS requires stateful private keys that have race > conditions in backup scenarios. In other words, HSS-LMS is risky but > it's the best option we have. > > I think Falcon would be a much better option for constrained device > code signing. To be clear, what we're discussing here is constrained > devices verifying signatures, with the signers potentially air-gapped, > so side channels & floating point are a non-issue. > > The signature size is smaller than HSS-LMS with an equivalent number > of bits of security and there's no state on the private key. > > This makes Falcon ideal for delivering firmware updates and secure > boot of constrained devices, where the cost of delivering a SPHINCS+ > signature, for example, would be prohibitive. > > Best Regards, > Brendan > > _______________________________________________ > COSE mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
