On Tue, Aug 20, 2024 at 2:31 PM Ilari Liusvaara <[email protected]> wrote:
> On Tue, Aug 20, 2024 at 01:48:41PM -0500, Orie Steele wrote: > > > > > > Current ML-DSA proposal: > > > > > https://datatracker.ietf.org/doc/html/draft-ietf-cose-dilithium-03#name-the-ml-dsa-algorithm-family > > As note, there is potential for some confusion in "ML-DSA Algorithm > Family". > > JWK refers to "cryptographic algorithm family", but the meaning is > rather different, being defined by kind of key used rather than any > algorithmic similarity. ML-DSA belongs to much larger "cryptographic > algorithm family", which includes things like SLH-DSA and FALCON. It > would also include suitably defined pre-quantum algorithms. > > The use of the term is intentionally aligned: https://datatracker.ietf.org/doc/html/rfc7517#section-4.1 https://datatracker.ietf.org/doc/html/draft-ietf-cose-dilithium-03#name-the-ml-dsa-key-type https://datatracker.ietf.org/doc/html/draft-ietf-cose-dilithium-03#appendix-A.1.1 I think you are arguing that "kty" : "ML-DSA" should be "kty: "PQK", so that both ML-DSA and SLH-DSA can use the same kty, just with different algorithms. ... see: https://datatracker.ietf.org/doc/html/draft-ietf-cose-sphincs-plus-04#appendix-A.1.1 ... and then we add some "crv" like property to tell ML-DSA and SLH-DSA apart, like we do for kty OKP and kty EC... I am not in favor of making this change. If any other readers of this list want this change, please let us know. > > > I was hoping we might send the document to WGLC, and make some final > > adjustments to test vectors, as soon as a good non -ipd version emerges > > that I can use to generate examples. > > You mean implementation, right? > > And one does not need to care about performance (unless it is something > ridiculous) or side channel attacks in suff like this... > Yes, I meant implementation. If you have an implementation, I am happy to add it to the implementation report as well. I have one that I am waiting to update. > > > > > -Ilari > > _______________________________________________ > jose mailing list -- [email protected] > To unsubscribe send an email to [email protected] > -- ORIE STEELE Chief Technology Officer www.transmute.industries <https://transmute.industries>
_______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
