Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-64277

oqsprovider provides experimental TLS IDs for ML-KEM

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: Generate New Ti...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • oqsprovider-0.7.0-2.el10
    • No
    • Moderate
    • 2
    • rhel-security-crypto
    • 21
    • 0
    • QE ack
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • Crypto24Q4, Crypto25Q1
    • Hide
      • using any algorithm name from openssl list -kem-algorithms list for with the -groups option, with the exception of X25519MLKEM768 and SecP256r1MLKEM768 fails
      • negotiating pure ML-KEM key exchange is not possible with openssl server
      Show
      using any algorithm name from openssl list -kem-algorithms list for with the -groups option, with the exception of X25519MLKEM768 and SecP256r1MLKEM768 fails negotiating pure ML-KEM key exchange is not possible with openssl server
    • Pass
    • Needed
    • Automated
    • Unspecified Release Note Type - Unknown
    • None

      oqsprovider assigned TLS group IDs to all the KEMs it supports:

        mlkem768 @ oqsprovider
  p384_mlkem768 @ oqsprovider
  x448_mlkem768 @ oqsprovider
  X25519MLKEM768 @ oqsprovider
  SecP256r1MLKEM768 @ oqsprovider
  mlkem1024 @ oqsprovider
  p521_mlkem1024 @ oqsprovider
  p384_mlkem1024 @ oqsprovider

      no groups, except X25519MLKEM768, SecP256r1MLKEM768 (and once it's included, SecP384r1MLKEM1024) should have TLS group IDs defined

              hkario@redhat.com Alicja Kario
              hkario@redhat.com Alicja Kario
              Dmitry Belyavskiy Dmitry Belyavskiy
              Alicja Kario Alicja Kario
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: