Subject: Re: [pkcs11] 'Hash then Sign' Discussions
There has been discussion in the KMIP TC regarding various PQC topics including some material from KMIP members who are participating in some of the discussions regarding the NCCoE PQC Migration project and whether the analysis document would be available to the TC at some point soon or as some suspect to be issued as a NIST publication.
After the meeting in January Judith Furlong (KMIP TC Co-Chair) circulated a list of threads that had relevant information on the "hash then sign" discussions which have been happening on the NIST PQC Forum and within the IETF.
I confirmed with Judy at this week's KMIP TC meeting that these were public discussions and that these could also be circulated to the members of the PKCS#11 TC.
Thanks Greg, this is really helpful.
I conclude from this that:
We'll probably need that for XMSS as well, and we probably need a multi-part change for HSS (same issue).
I see a couple of ways of solving this:
Pre 3.0, we would be restricted to 2 or 3. Adding the function does generate some questions, though:
The link for the message sent to the KMIP reflector is https://www.oasis-open.org/apps/org/workgroup/kmip/email/archives/202301/msg00005.html
If for some reason you are not able to access this link, I have duplicated the message at the end of this email.
Greg
==
Subject: 'Hash then Sign' Discussions
- From: "Furlong, Judith" <Judith.Furlong@dell.com>
- To: kmip <kmip@lists.oasis-open.org>
- Date: Sat, 14 Jan 2023 01:23:08 +0000
At yesterday's KMIP TC meeting I mentioned I'd send out links to some of the 'Hash then Sign' discussions associated with the PQC algorithms that have been happening on the NIST PQC Forum and within the IETF.
NIST PQC Forum
- Integration of Post-Quantum Signatures
- Design rationale for keyed message digests in SPHINCS+, Dilithium, FALCON? [cross with IETF CFRG]
- Whether to hash-then-sign with Dilithium and Falcon? [cross with IETF CFRG]
- Parameter selection for the selected algorithms
IETF Crypto Forum Research Group (CFRG) has had several long email discussions on the topic
- Whether to hash-then-sign with Dilithium and Falcon? [cross with NIST PQC Forum and IETF LAMPS]
- Design rationale for keyed message digests in SPHINCS+, Dilithium, FALCON? [cross with NIST PQC Forum]
IETF Limited Additional Mechanisms for PKIX and SMIME (LAMPS)
- Whether to hash-then-sign with Dilithium and Falcon? [cross with IETF CFRG]
- How do we plan to solve the hash-then-sign paradigm in Dilithium, Falcon and Sphincs+)
Judy
Judith Furlong
Senior Distinguished Engineer, Security
Dell Technologies | ISG Chief Technology and Innovation Office
Office: +1-774-350-6287