**Session Date/Time:** 17 Mar 2025 10:00

# pquip

## Summary
The Pequip meeting covered document status updates, presentations on potential new working group documents related to stateful hash-based signature schemes and HSM adaptation for PQC, and a discussion on efficiency in post-quantum cryptography, leveraging stateful protocols. The meeting also included a presentation and subsequent discussion about the IETF's handling of cryptography and its implications for quantum resilience.

## Key Discussion Points

*   **Document Status:** Update on the terminology, hybrid schemes, hybrid signature spectrum, and post-quantum cryptography for engineers documents.
*   **Hackathon Interoperability Testing:** Jean-Pierre Fizzé presented on recent hackathon activities focused on interoperability between different vendors and crypto libraries, specifically regarding MLDSA, ML-KEM, and SLH-DSA implementations.
*   **PQC Public Side Meeting Summary:** A summary of the PQC public side meeting was presented, covering EU timelines, UK recommendations, discussions on FrodoKEM, NIST standards, and debates on hybrid approaches.
*   **Stateful Hash-Based Signature Schemes:** Tom Meher presented on operational aspects of stateful hash-based signature schemes, highlighting the challenges of key management and reliability in systems requiring long-term key usage.
*   **Adapting HSMs for PQC:** Thiru presented a draft on optimizing PQC integration in constrained HSMs, including seed-based key generation, message digestion for MLDSA, and firmware updates. The suitability of this work within the IETF charter was questioned.
*   **Efficiency in Post-Quantum Cryptography:** Britta presented a strategy used within the MLS working group to achieve post-quantum confidentiality and authenticity efficiently using parallel sessions. It uses PSK drive from post quantum sessions and injects into standard sessions.
*   **Private Key Format Discussion:** Deirdre Connolly presented on the recent decision in the LAMPS working group regarding private key formats for MLDSA and ML-KEM, settling on a choice of seed only, key only or both, within ASN.1 encoding due to legacy implementations.
*   **Critique of IETF Cryptographic Process:** A presentation was given on the IETF's handling of cryptography with a critique of the CFRG and the delays in producing RFCs that are needed for PQC transitions.

## Decisions and Action Items

*   **Stateful Hash-Based Signature Schemes:** Discuss the draft on the mailing list for a month, followed by a call for adoption.
*   **Adapting HSMs for PQC:** Further discussion on the mailing list regarding the scope, content, and potential adoption of the HSM adaptation draft, with consideration of OASIS PKCS11 involvement.
*   **IETF Cryptographic Process:** AD Paul Hoffman will bring the concerns raised in the presentation about IETF cryptographic processes to the IESG retreat.

## Next Steps

*   Authors to address comments and suggestions on the respective drafts received during the meeting and on the mailing list.
*   Continue discussion on the mailing list.