Closed rjzak closed 1 year ago
We eventually proposed 4 different sections in the list of algorithms
required (rsa_*_2048_sha256, rsa_*_3072_sha384, rsa_*_4096_sha512, *sha*, *aes*)
recommended (chachapoly, other rsa options, secp256k1, p256, p384, x25519 & ed25519 should be there, they are all required by TLS 1.3)
optional (curve448, xoodyak, kyber)
reserved (xchachapoly, aegis, aes-cbc, aes-gcm-siv, aes-siv, cshake, kmac, whatever we think people may need)
Isn't Ed25519 FIPS compliant now?
In addition, we are adding new elliptic curve signature algorithms (deterministic
ECDSA and EdDSA) and new elliptic curves (Edwards25519 and Edwards448).
(and: https://csrc.nist.gov/News/2017/Transition-Plans-for-Key-Establishment-Schemes )
Also, what document mentions that elliptic curves have been removed from FIPS?
https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402annexa.pdf still refers to ECDSA and https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf (which documents p256, p384, p521).
@jedisct1 It was added in the FIPS 186-5
draft. However, it remains to be seen if it will be added in the released edition.
@jedisct1 Further, numerous organizations will be governed by 186-4
for years to come. Not all institutions adopt the new standards immediately.
- Which Kyber to list? https://pq-crystals.org/kyber/ And how is it stored?
NSA Suite 2 says that Level V parameters should be used for all classification levels, so it should be Kyber-1024.
Encoding should only be raw
for now until the specification is finalized.
- Could some of the blanks be filled in? I don't know how a lot of these algorithms work or how the data is represented.
Most of these are symmetric algorithms, not signature algorithms, so this is irrelevant.
The main table I was suggesting to update with the different tiers is this one, not the one with encodings for signature systems.
Gimme a sec, I'm going to suggest a change to your PR
Is what you were thinking @npmccallum @jedisct1? Which algorithms should be in which section?
Signed-off-by: Richard Zak richard@profian.com