Minutes of the February 6th Meeting

[johngray-dev]

Minutes from February 6th Meeting

• Welcomed Julien Prat to the meeting.
• Asked who is planning to attend the 116 hackathon in person:
  • John, Mike O, Corey, Tomofumi, Alexander (possible).
  • Virtual: Carl, Julian, Pat, others

Round Table:

Alexander - Key Serialization Format Questions: The QSC draft (https://datatracker.ietf.org/doc/html/draft-uni-qsckeys-00.html) is now split into 4 drafts (Kyber, SPHINCS+, Dilithium and Falcon). The original draft was presented this at lamps IETF 113 and presented by Mike Osborne.

Markku - Has started writing a Falcon draft with the Falcon authors - Not posted yet. Keys and Certs trying to match what is in OQS. and the OIDs need to be decided. Markku mentioned the Falcon team is still working on tweaks to the Falcon algorithm and it doesn't look like it will be compatible with the current Falcon implementation (which is what we all have been using).

Julien Prat - Github repository - Will sent github username. Asked about the concatenation used in OQS. John mentioned the special build Michael Baentsch had completed, and will send information to Julien's. Also will add Julien's username to github.

Max Pala - Not much time to work on stuff - working on the composite with PQC, some internal implementation issue. Some hash-then-sign.

Mike Ounsworth - Working on updating the composite keys, KEMS and signatures. Will post drafts soon and then call for adoption of those drafts.

Corey - Working on an interoperability format python script. A list of all the key algorithm OIDS. A Yes/No is produced if artifact is successfully verified. The output will be in markdown based format. Each implementation produces .csv or .json file. Corey showed us an example of what this will look like. It will provide more granularity on each test result (with either a checkmark in green or an X in red). Looks like great progress!

Tomofumi - Cert binding text, and the Cert binding draft. https://datatracker.ietf.org/doc/draft-becker-guthrie-cert-binding-for-multi-auth/. John to add Tomofumi as a champion.

Felipe is getting close to creating explicit composite, include in OQS provider.

Carl Wallace - Added encoders and decoders for CMS and CMPv2. Will add KEM stuff.

John G - Added Composite Key and Composite Signature OIDs to the oid_mappings.md file. Also mentioned #26 for CMS since the a new KEMRecipientInfo draft is being worked on.

David Hook - Had connection issues, but sent this update: Not sure what I'll do next, there's been a lot of distractions with the JEP which I think are now finished, may go back to composites, should be seeing Russ next week so I may look at CMS again.

Question about explicit composite combinations: Question came up about which SPHINCS+ is being specified since there are 36 variations. We picked one algorithm as using many more would be OID explosion anyway. Likely SPHINCS+-SHA256-128s-simple -as it uses only 7856 byte signatures (The smallest for SPHINCS+).

Current Issues Tracked:
#26 David Hook added some samples. John updated with latest from KEMRecipientInfo which is here: https://www.ietf.org/id/draft-housley-lamps-cms-kemri-00.html
#24 Corey is making great progress as mentioned above
#25 Nothing to update for this one except Alexander is interested in looking at this one.
#14 No updates this week from Michael

NEW Issues
#30 Tomofumi asked to expand scope to include artifacts to support certificate binding. Also the authors of this draft have asked to join the Hackathon as well.

Parked Issues
#3 This one is parked at the moment.