Added mention of pure ML-DSA and text about CRLs. #31

Closed
wants to merge 2 commits into from


csosto-pk
Contributor

Added text to mention pure ML-DSA.

Also added text why pure ML-DSA is fine for X.509 and CRLs.

@bwesterb, @seanturner please check.

@@ -119,6 +119,12 @@
<xref target="RFC3279" format="default"></xref> did for classic cryptography and
<xref target="RFC5480" format="default"></xref> did for elliptic curve cryptography.
The private key format is also specified.</t>
<t><xref target="FIPS204" format="default"></xref> defines two versions of ML-DSA, the pure and the
pre-digest version. Only the former is specified for use in this document.
The size of the X.509 content signed in most certificates is small enought to not pose a
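Review bot: On the added line "the pure and the pre-digest version", the wording does not match the cited reference: FIPS 204 names the second variant HashML-DSA and describes it as pre-hash, so a reader searching the standard for "pre-digest" will not find it. Suggest naming both variants the way FIPS 204 does, for example "ML-DSA (pure) and HashML-DSA (pre-hash)". The following added line also has "enought" for "enough".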
Collaborator


typo "enough"

@@ -119,6 +119,12 @@
<xref target="RFC3279" format="default"></xref> did for classic cryptography and
<xref target="RFC5480" format="default"></xref> did for elliptic curve cryptography.
The private key format is also specified.</t>
<t><xref target="FIPS204" format="default"></xref> defines two versions of ML-DSA, the pure and the
pre-digest version. Only the former is specified for use in this document.
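Review bot: "Only the former is specified for use in this document" relies on the word order of the preceding sentence to say which variant is in scope. Since this sentence sets the scope of the document, name the variant directly, for example "Only pure ML-DSA is specified for use in this document", so that a later rewording of the sentence before it cannot silently change the meaning.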
Collaborator


I propose we remove "The size [...] ML-DSA performance.", and add

Pure ML-DSA (in contrast to SLH-DSA) allows for streaming the message that has to be signed. The only advantage of the pre-digest version is that it allows a different hash to be used for hashing the message.

Contributor Author

@csosto-pk csosto-pk Oct 15, 2024


The pre-digest people do not argue that you cannot stream the message. Their point is that maybe I don't want to stream it to the HSM over its slow bus. I may want to just send the digest of the message and sign that, especially if the message will be signed a lot of times. I don't fully buy it, but that is their main argument.
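The streaming and digest-only points made in the two comments above, as an added example that is not part of this PR or the draft: it computes the pure ML-DSA message representative mu incrementally and builds the fixed-size HashML-DSA input, following the message formatting in FIPS 204. The function names are hypothetical, SHA-512 is assumed as the pre-hash, and the key bytes, context and message are constructed placeholders.

```python
import hashlib

# DER encoding of the SHA-512 OID 2.16.840.1.101.3.4.2.3, which HashML-DSA
# places in front of the digest when SHA-512 is the pre-hash.
SHA512_OID_DER = bytes.fromhex("0609608648016503040203")


def public_key_hash(pk: bytes) -> bytes:
    """tr = SHAKE256(pk, 64), the public key hash that is mixed into mu."""
    return hashlib.shake_256(pk).digest(64)


def _prefix(domain: int, ctx: bytes) -> bytes:
    """Domain separator (0 = pure, 1 = pre-hash), context length, context."""
    if len(ctx) > 255:
        raise ValueError("context string is limited to 255 bytes")
    return bytes([domain, len(ctx)]) + ctx


def pure_mu_streaming(tr: bytes, ctx: bytes, chunks) -> bytes:
    """Pure ML-DSA: mu = SHAKE256(tr || 0 || len(ctx) || ctx || M, 64)."""
    h = hashlib.shake_256(tr + _prefix(0, ctx))
    for chunk in chunks:  # M is absorbed piece by piece, never buffered whole
        h.update(chunk)
    return h.digest(64)


def hash_ml_dsa_input(ctx: bytes, chunks) -> bytes:
    """HashML-DSA: M' = 1 || len(ctx) || ctx || OID || SHA-512(M)."""
    ph = hashlib.sha512()
    for chunk in chunks:
        ph.update(chunk)
    return _prefix(1, ctx) + SHA512_OID_DER + ph.digest()


# Constructed sample data: placeholder bytes with the length of an ML-DSA-44
# public key (1312 bytes, not a valid key) and a large CRL-sized message.
PK = bytes(range(32)) * 41
CTX = b""
MESSAGE = b"constructed revoked-certificate entry\n" * 50_000


def chunked(data: bytes, size: int = 4096):
    """Yield the message in fixed-size pieces, as a streaming signer would."""
    for i in range(0, len(data), size):
        yield data[i:i + size]


if __name__ == "__main__":
    tr = public_key_hash(PK)
    print("pure mu       :", pure_mu_streaming(tr, CTX, chunked(MESSAGE)).hex())
    print("HashML-DSA M' :", len(hash_ml_dsa_input(CTX, chunked(MESSAGE))), "bytes")
```

With an empty context the HashML-DSA input is 77 bytes whatever the message size, which is the fixed-size transfer the comment about slow HSM buses refers to. The pure path absorbs the message after tr, so the party that streams the message needs the public key hash.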

@seanturner
Contributor

Where did we end up on this one? Are we going to add some tweaked text?

@csosto-pk
Contributor Author

csosto-pk commented Oct 28, 2024

Give me a little time.

I think we will need HashML-DSA support in our draft although I was against it all along. I recently found out that some HSMs are very much against large MB or even KB size messages.

I am trying to confirm with other vendors to make sure this is not unique to the things I am hearing here and there we will have to tweak the text.

@bwesterb
Collaborator

bwesterb commented Dec 4, 2024

Closing this old PR.

@bwesterb bwesterb closed this Dec 4, 2024