On Tue, Mar 05, 2024 at 05:03:23PM +0530, tirumal reddy wrote: > We have published a new draft > https://www.ietf.org/archive/id/draft-reddy-cose-jose-pqc-kem-00.html, that > describes the conventions for using Post-Quantum Key Encapsulation > Mechanisms (PQ-KEMs) within JOSE and COSE. Although this mechanism could > be used with any PQ-KEM, this document focuses on Module-Lattice-based Key > Encapsulation Mechanisms (ML-KEMs). > > Comments and Suggestions are welcome.
I can't make heads or tails of how this is supposed to work. Whatever it is, it would certainly fail to be fully-specified. Moreover, I don't think it complies with JWE either. The way KEMs operate is extremely similar to how ECDH-ES works. So the way to add KEMs is to copy ECDH-ES (fully specified if needed) and make small modifications required for it to work. The two main modifications compared to ECDH-ES are: 1) The shared secret is generated by encapsulation/decapsulation instead of ECDH operation. 2) New header parameter for KEM ciphertext, as it is octet string and not a key. The usual KDF structuctures of COSE/JOSE could be reused as-is. However, for COSE, if HPKE ends up binding alg from one layer higher, then it would make sense to do that here too (and if doing fully-specified ECDH-ES, there too). > ---------- Forwarded message --------- > From: <[email protected]> > Date: Sun, 3 Mar 2024 at 10:32 > Subject: New Version Notification for draft-reddy-cose-jose-pqc-kem-00.txt > To: Tirumaleswar Reddy.K <[email protected]>, Aritra Banerjee < > [email protected]>, Hannes Tschofenig <[email protected]>, > Hannes Tschofenig <[email protected]> > > > A new version of Internet-Draft draft-reddy-cose-jose-pqc-kem-00.txt has > been > successfully submitted by Tirumaleswar Reddy and posted to the > IETF repository. > > Name: draft-reddy-cose-jose-pqc-kem > Revision: 00 > Title: Post-Quantum Key Encapsulation Mechanisms (PQ KEMs) for JOSE and > COSE -Ilari _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
