Minutes of May 1st Meeting

[johngray-dev]

General Discussion:

• Kyber had fundamental changes proposed this week. Hashes used are changed, but the size of the keys does not change.

• Falcon standardization hasn't started yet. Dilithium will come first.

• The new NIST call for signatures has started. Sounds like they are expecting about 10-20 submissions.

• The standards are going to specify the byte encodings, rather than defining internal ASN.1 structures for the byte formats. That will allow us to continue with encoding the raw bytes into the ASN.1 structures we used for interoperability (either an OCTET STRING or BIT STRING). Some internet drafts have dissected these keys into ASN.1, but that is not the correct way forward.

Pull Requests Discussed:

• Discussed pull request OQS encoding as per IETF116 #44 - Lib OQS has been updated to support Falcon and uses the raw encoding which is wrapped in the Bitstring or OctetString encoding. As mentioned above, this format seems to be the way forward, and this pull request should be merged to our repository.
  Action: Everyone test out pull request artifacts and Merge.
  • (At NCCoE question was asked about new Falcon OIDs), this Merge request was pointed out at the NCCoE and it was noted Open Quantum Safe also added new OIDs for the updated Falcon version. At NCCoE it was agreed to use these new Falcon OIDs for prototype testing. Mike Ounsworth added the new Falcon OIDs in the oid_mapping.md table.
• update using QSC encoding RFCv00 as of IETF116 #43 Generating certificates in QSC RFC's. No one has use that data. This one doesn't seem to be the way forward, so this pull request will not be needed.

OID Mapping Table Updates:

• Updated table with latest OIDs moving forward. The older ones now have strike thru. See oid_mapping.md
• Kyber OIDs - There will be 2 or 3 kyber algorithms selected. Probably 512, 768 and 1024.
  The AES Kyber OIDS will not be going forward. Decided on using the Bouncy Castle OIDs (Thanks David). John Gray updated Kyber-AES with strike-thru to indicate they are not preferred.

Interoperability Testing Formats:

• Catalyst certificate format:

  • Bouncy Castle toolkit has a beta of the Catalyst certificate format. We can add a folder in the artifact format to testing this certificate format. This would allow other vendors to test.

• Becker Guthrie Draft - Had a couple discussions with that team. The purpose is not for certificate discovery. You must already have access to both keys. That draft is going to continue (it was adopted), certificate hash for a reference to each certificate. Originally we thought it was a discovery method for alternate certificate (it is not).

• CMP

  • Java tool for running Java server for CMP. Can this be hosted somewhere for interoperability testing?
  • Make a docker container available, and they have their own instance.
  • Test openQuantumSafe org, has a TLS server. Perhaps they would be able to enhance that to CMP.
    Action: Alexander to talk to Michael Baensch - IBM Cloud is another potential way forward.
    test.openquantumsafe.org

License Discussion:

• No License in the repository - What is the license in the repository? The answer may be the IETF trust. Action Mike Ounsworth to look at other formats. Some discussion on the MIT format. To discuss next month and decide.

New Members:
Emily Ratcliff
IBM systems - Working on a proprietary cryptographic library for about a year old. Would be great to do some interoperability tests using the outputs of this library. Also supports IBM's HSM - NCCoE

Kaori Tanaka - BTQ - Met Hackathon team in Yokohama. She is head of Japan for BTQ technologies and they have been working in Quantum computing industry. They would like to contribute.