Markdown Version | Session Recording

Session Date/Time: 17 Mar 2025 10:00

pquip

Summary

The Pequip meeting covered document status updates, presentations on potential new working group documents related to stateful hash-based signature schemes and HSM adaptation for PQC, and a discussion on efficiency in post-quantum cryptography, leveraging stateful protocols. The meeting also included a presentation and subsequent discussion about the IETF's handling of cryptography and its implications for quantum resilience.

Key Discussion Points

• Document Status: Update on the terminology, hybrid schemes, hybrid signature spectrum, and post-quantum cryptography for engineers documents.
• Hackathon Interoperability Testing: Jean-Pierre Fizzé presented on recent hackathon activities focused on interoperability between different vendors and crypto libraries, specifically regarding MLDSA, ML-KEM, and SLH-DSA implementations.
• PQC Public Side Meeting Summary: A summary of the PQC public side meeting was presented, covering EU timelines, UK recommendations, discussions on FrodoKEM, NIST standards, and debates on hybrid approaches.
• Stateful Hash-Based Signature Schemes: Tom Meher presented on operational aspects of stateful hash-based signature schemes, highlighting the challenges of key management and reliability in systems requiring long-term key usage.
• Adapting HSMs for PQC: Thiru presented a draft on optimizing PQC integration in constrained HSMs, including seed-based key generation, message digestion for MLDSA, and firmware updates. The suitability of this work within the IETF charter was questioned.
• Efficiency in Post-Quantum Cryptography: Britta presented a strategy used within the MLS working group to achieve post-quantum confidentiality and authenticity efficiently using parallel sessions. It uses PSK drive from post quantum sessions and injects into standard sessions.
• Private Key Format Discussion: Deirdre Connolly presented on the recent decision in the LAMPS working group regarding private key formats for MLDSA and ML-KEM, settling on a choice of seed only, key only or both, within ASN.1 encoding due to legacy implementations.
• Critique of IETF Cryptographic Process: A presentation was given on the IETF's handling of cryptography with a critique of the CFRG and the delays in producing RFCs that are needed for PQC transitions.

Decisions and Action Items

• Stateful Hash-Based Signature Schemes: Discuss the draft on the mailing list for a month, followed by a call for adoption.
• Adapting HSMs for PQC: Further discussion on the mailing list regarding the scope, content, and potential adoption of the HSM adaptation draft, with consideration of OASIS PKCS11 involvement.
• IETF Cryptographic Process: AD Paul Hoffman will bring the concerns raised in the presentation about IETF cryptographic processes to the IESG retreat.

Next Steps

• Authors to address comments and suggestions on the respective drafts received during the meeting and on the mailing list.
• Continue discussion on the mailing list.