Can we address UEF-CMA issues?

lamps-wg / cms-ml-dsa

ML-DSA in CMS

Other

0 stars 0 forks source link

Can we address UEF-CMA issues? #5

Open danvangeest opened 1 month ago

danvangeest commented 1 month ago

See whole thread: https://mailarchive.ietf.org/arch/msg/spasm/yM8kS1kCoizWCMjS8pdcV3IFaDg/ and https://mailarchive.ietf.org/arch/msg/spasm/uAwmfFDCP2gAggqYSu4ykRCk4mU/

Possible solutions:

(pure) ML-DSA for SignedArtifacts, HashML-DSA for non-signed artifacts.
Use context string, "CMW-with-SignedAttributes" and "CMS-without-SignedAttributes" (see also #2 ).
ML-DSA MUST be used with SignedAttributes.

adam-r-ncsc commented 1 week ago

As discussed in https://github.com/lamps-wg/cms-ml-dsa/pull/6#discussion_r1838288342, if we don't address the issue directly in the draft (as is looking likely), it could be mentioned in the Security Considerations alongside any interim mitigations prior to the issue being addressed for CMS more generally.