Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Cryptographic Right Answers Post Quantum Edition (2024) #2315

Open
randomstuff opened this issue Nov 7, 2024 · 7 comments
Open

Support Cryptographic Right Answers Post Quantum Edition (2024) #2315

randomstuff opened this issue Nov 7, 2024 · 7 comments
Assignees
@danielcuthbert
Labels
1) Discussion ongoing Issue is opened and assigned but no clear proposal yet enhancement V6 _5.0 - prep This needs to be addressed to prepare 5.0

Comments

@randomstuff
Copy link
Contributor

randomstuff commented Nov 7, 2024
edited
Loading

Many things not mentioned in the Support Cryptographic Right Answers Post Quantum Edition (2024) post are not mentionned in the crypto appendix.

For example:

  • ML-DSA-, Falcon-, Ed25519
  • ML-KEM-
  • X25519
  • XSalsa20

Should these at least be mentioned as "approved"?

This is relevant for post quantum cryptography support.

Disclaimer: I don't know much about these.

Other topics

  • Random IDs Use 256-bit random numbers → at least for L3, the length requirements should probably be upped when possible.

Possibly other things to consider, I've only skimmed the post for now.

Topic What is in the document What we have Comments
Encrypting Data XSalsa20+Poly1305 ChaCha20 Mention Salsa20, XSalsa20, XChaCha20? Mention Poly1305 in the MAC section?
Symmetric key length 256 bit keys 128 bits / 112 bits Should we increase the 128/112 bits at least for L3?
Hashing Algorithm SHA-2 SHA-2, etc. OK
Symmetric “Signatures” HMAC HMAC, etc . OK
Random IDs 256 bit We talk about UUID Explicitely increase this value (for L2? L3?)
Password Handling argon2id, scrypt, bcrypt, PBKDF2 OK
Key Exchange X25519+ML-KEM-768 or P256+ML-KEM-768 DH including Curve25519 Shall we add ML-KEM-768 somewhere?
Asymmetric Signatures Nacl, Ed25519, Ed25519+ML-DSA-65, P256+ML-DSA-65 Add ML-DSA-65?
@randomstuff
Copy link
Contributor Author

Related to #2293

@danielcuthbert
Copy link
Collaborator

Good catch and ill add this to my sprint

@danielcuthbert danielcuthbert self-assigned this Nov 7, 2024
@tghosth tghosth added 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet _5.0 - prep This needs to be addressed to prepare 5.0 labels Nov 7, 2024
@tghosth
Copy link
Collaborator

tghosth commented Nov 7, 2024

@randomstuff is this for the appendix or for the chapter itself?

@randomstuff
Copy link
Contributor Author

The list of ciphers and other cryptographic mechanisms would be for the appendix. Other considerations might motivate changes in the crypto requirements (eg. the random ID thing).

@danielcuthbert danielcuthbert mentioned this issue Nov 13, 2024
Open
@danielcuthbert
Copy link
Collaborator

Amended 6.9.1 to be more reflective of current efforts in the PQC space. #2371
The random ID one still needs to be looked into further

@randomstuff
Copy link
Contributor Author

@danielcuthbert, Does it make it sense to include references to ML-DSA-, Falcon-, ML-KEM-, XSalsa20 in the allowed mechanisms?

@randomstuff
Copy link
Contributor Author

Updated the issue description with a table recapitulating the content of the the post compared to what we have.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danielcuthbert danielcuthbert

Labels
1) Discussion ongoing Issue is opened and assigned but no clear proposal yet enhancement V6 _5.0 - prep This needs to be addressed to prepare 5.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@randomstuff @danielcuthbert @tghosth