Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-131258

Implement and test support for composite (classical + PQ) signatures

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • Implement and test support for composite (classical + PQ) signatures
    • None
    • None
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      Description

      Since we are still skeptical about PQ algorithms that have not been battle tested, composite signatures have been proposed and defined as layered cryptographic algorithms that use both classical and PQ layers, and the whole thing needs to be broken to access the data. The exact definition is on its way to being published: https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/

      Once the standard has been specified, it will need to be implemented in cryptographic libraries, on the Signing Server.

      What SSTs and Layered Product teams should review this?

      Signing Server
      redhat-release
      OpenSSL
      nss
      pesign

              Unassigned Unassigned
              oksenzov@redhat.com Olga Ksenzova
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: