On Tue, 5 Mar 2024 at 20:12, AJITOMI Daisuke <[email protected]> wrote:
> > I think we should use HPKE until there is reason not to use it. > > I agree. > > Regarding ML-KEM, I was thinking that we should add X-Wing as a PQ/T > Hybrid KEM to the list of COSE-HPKE ciphersuites at first. > > X-Wing: general-purpose hybrid post-quantum KEM > https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/ > X-wing is specific to hybrid schemes and it is back-ward compatible with X25519Kyber768Draft00. The COSE and JOSE HPKE specifications can use the above hybrid scheme which is already registered in HPKE IANA registry. -Tiru > > > Daisuke > > > > https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/ > > 2024年3月5日(火) 22:32 Orie Steele <[email protected]>: > >> Draft looks very familiar after have spent so much time with HPKE. >> >> And it would be nice to have at least one pq encryption suite on track >> for standardization. >> >> Having different direct mode alg values for ML-KEM and HPKE that are both >> basically telling you to look an enc... Is wasting registry space. >> >> alg: dir, is sufficient. >> >> The documents that register the new enc modes can explain why. >> >> I think it would be better to see ML-KEM suites in HPKE, instead of >> seeing duplicates. >> >> There will also be different security issues, without the HPKE context >> and key commiting, etc... >> >> There will be worse interop with 2 ways to do the same things. >> >> With hydrids on the horizon... it's a mistake to register hydrids >> twice... Once for HPKE and once for standalone. >> >> I think we should use HPKE until there is reason not to use it. >> >> Is this draft motivated by implementers who could not use HPKE? >> >> Are there critical use cases that multiple vendors need to support that >> only work without using HPKE? >> >> OS >> >> On Tue, Mar 5, 2024, 5:34 AM tirumal reddy <[email protected]> wrote: >> >>> We have published a new draft >>> https://www.ietf.org/archive/id/draft-reddy-cose-jose-pqc-kem-00.html, >>> that describes the conventions for using Post-Quantum Key Encapsulation >>> Mechanisms (PQ-KEMs) within JOSE and COSE. Although this mechanism could >>> be used with any PQ-KEM, this document focuses on Module-Lattice-based Key >>> Encapsulation Mechanisms (ML-KEMs). >>> >>> Comments and Suggestions are welcome. >>> >>> -Tiru >>> >>> ---------- Forwarded message --------- >>> From: <[email protected]> >>> Date: Sun, 3 Mar 2024 at 10:32 >>> Subject: New Version Notification for >>> draft-reddy-cose-jose-pqc-kem-00.txt >>> To: Tirumaleswar Reddy.K <[email protected]>, Aritra Banerjee < >>> [email protected]>, Hannes Tschofenig <[email protected]>, >>> Hannes Tschofenig <[email protected]> >>> >>> >>> A new version of Internet-Draft draft-reddy-cose-jose-pqc-kem-00.txt has >>> been >>> successfully submitted by Tirumaleswar Reddy and posted to the >>> IETF repository. >>> >>> Name: draft-reddy-cose-jose-pqc-kem >>> Revision: 00 >>> Title: Post-Quantum Key Encapsulation Mechanisms (PQ KEMs) for JOSE >>> and COSE >>> Date: 2024-03-03 >>> Group: Individual Submission >>> Pages: 16 >>> URL: >>> https://www.ietf.org/archive/id/draft-reddy-cose-jose-pqc-kem-00.txt >>> Status: >>> https://datatracker.ietf.org/doc/draft-reddy-cose-jose-pqc-kem/ >>> HTML: >>> https://www.ietf.org/archive/id/draft-reddy-cose-jose-pqc-kem-00.html >>> HTMLized: >>> https://datatracker.ietf.org/doc/html/draft-reddy-cose-jose-pqc-kem >>> >>> >>> Abstract: >>> >>> This document describes the conventions for using Post-Quantum Key >>> Encapsulation Mechanisms (PQ-KEMs) within JOSE and COSE. >>> >>> About This Document >>> >>> This note is to be removed before publishing as an RFC. >>> >>> Status information for this document may be found at >>> https://datatracker.ietf.org/doc/draft-reddy-cose-jose-pqc/. >>> >>> Discussion of this document takes place on the cose Working Group >>> mailing list (mailto:[email protected]), which is archived at >>> https://mailarchive.ietf.org/arch/browse/cose/. Subscribe at >>> https://www.ietf.org/mailman/listinfo/cose/. >>> >>> >>> >>> The IETF Secretariat >>> >>> >>> _______________________________________________ >>> jose mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/jose >>> >> _______________________________________________ >> COSE mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/cose >> >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
