We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prepare a proposal for Option 2a from https://mailarchive.ietf.org/arch/msg/openpgp/NMTCy707LICtxIhP3Xt1U5C8MF0/ with the additions that
i.e.
KDF ( mlkemSS || tradSS || tradCT || tradPK || mlkemCT || mlkemPK || algid || "OpenPGP" )
At the same time propose to drop the final hashing step (introduced for CCA conversion) in the encap/decap of X25519 and X448 and adopt the corresponding reasoning in https://eprint.iacr.org/2024/039 in the security considerations. This further aligns with https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-kem/.
The text was updated successfully, but these errors were encountered:
Successfully merging a pull request may close this issue.
Prepare a proposal for Option 2a from https://mailarchive.ietf.org/arch/msg/openpgp/NMTCy707LICtxIhP3Xt1U5C8MF0/ with the additions that
i.e.
KDF ( mlkemSS || tradSS || tradCT || tradPK || mlkemCT || mlkemPK || algid || "OpenPGP" )
At the same time propose to drop the final hashing step (introduced for CCA conversion) in the encap/decap of X25519 and X448 and adopt the corresponding reasoning in https://eprint.iacr.org/2024/039 in the security considerations. This further aligns with https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-kem/.
The text was updated successfully, but these errors were encountered: