Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-64745

Support ML-DSA signatures in TLS in OpenSSL/oqsprovider

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: Generate New Ti...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • No
    • Low
    • 1
    • rhel-security-crypto
    • ssg_security
    • 26
    • 1
    • QE ack
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • Crypto25Q1
    • Hide

      AC1: using openssl tools it's possible to generate ML-DSA keys (ML-DSA-44, ML-DSA-65, and ML-DSA-87), the generated PEM files use NIST OIDs
      AC2: using openssl tools it's possible to create certificates that include ML-DSA keys and ML-DSA signatures.
      AC3: openssl is able to use ML-DSA certificates in TLS, as specified in the draft-tls-westerbaan-mldsa-00, both for server and client authentication

      Show
      AC1: using openssl tools it's possible to generate ML-DSA keys (ML-DSA-44, ML-DSA-65, and ML-DSA-87), the generated PEM files use NIST OIDs AC2: using openssl tools it's possible to create certificates that include ML-DSA keys and ML-DSA signatures. AC3: openssl is able to use ML-DSA certificates in TLS, as specified in the draft-tls-westerbaan-mldsa-00, both for server and client authentication
    • None
    • Needed
    • Automated
    • Unspecified Release Note Type - Unknown
    • None

      OpenSSL/oqsprovider should support ML-DSA signatures in TLS.

      https://github.com/bwesterb/tls-mldsa

              hkario@redhat.com Alicja Kario
              hkario@redhat.com Alicja Kario
              Dmitry Belyavskiy Dmitry Belyavskiy
              Alicja Kario Alicja Kario
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: