From 42652e59fd41ae890bb51dcb88742127b6f5a87f Mon Sep 17 00:00:00 2001 From: Aritra Banerjee Date: Tue, 21 May 2024 11:48:04 +0200 Subject: [PATCH] Update draft-ietf-pquip-pqc-engineers.md --- draft-ietf-pquip-pqc-engineers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-pquip-pqc-engineers.md b/draft-ietf-pquip-pqc-engineers.md index 6879a13..7836432 100644 --- a/draft-ietf-pquip-pqc-engineers.md +++ b/draft-ietf-pquip-pqc-engineers.md 
@@ -466,7 +466,7 @@ Any digital signature scheme that provides a construction defining security unde Understanding EUF-CMA security is essential for individual involved in designing or implementing cryptographic systems to ensure the security, reliability, and trustworthiness of digital signature schemes. It allows for informed decision-making, vulnerability analysis, compliance with standards, and designing systems that provide strong protection against forgery attacks. Understanding EUF-CMA security is generally not necessary for developers migrating to using an IETF-vetted post-quantum cryptography (PQC) signature scheme within a given protocol or flow. IETF specification authors should include all security concerns in the 'Security Considerations' section of the relevant RFC and should not assume that implementers are deep experts in cryptographic theory -## Details of FN-DSA, ML-DSA, and SLH-DSA+ {#sig-scheme} +## Details of FN-DSA, ML-DSA, and SLH-DSA {#sig-scheme} ML-DSA [ML-DSA] is a digital signature algorithm (part of the CRYSTALS suite) based on the hardness lattice problems over module lattices (i.e., the Module Learning with Errors problem (MLWE)). The design of the algorithm is based on the "Fiat-Shamir with Aborts" {{Lyu09}} framework introduced by Lyubashevsky, that leverages rejection sampling to render lattice based FS schemes compact and secure. ML-DSA uses uniform distribution over small integers for computing coefficients in error vectors, which makes the scheme easier to implement.
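Review bot: The unchanged context lines of the hunk at -466 still carry three text defects that this one-character heading fix leaves in place: "essential for individual involved" should read "individuals involved", the paragraph ending "deep experts in cryptographic theory" has no closing period, and "based on the hardness lattice problems" is missing "of". Since this commit is already an editorial pass over the section, consider folding those corrections in. The subject line "Update draft-ietf-pquip-pqc-engineers.md" also does not say what changed; a subject such as "Remove stray '+' from sig-scheme heading" would make the history easier to search. The {#sig-scheme} anchor is identical on the removed and added lines, so cross-references to this section are unaffected.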