specify behaviour in light of KEMs with a non-zero failure probability?

lamps-wg / draft-composite-kem

IETF draft specifying PQC composite KEM algorithms for use in X.509 and CMS

Other

6 stars 3 forks source link

specify behaviour in light of KEMs with a non-zero failure probability? #67

Closed ounsworth closed 1 month ago

ounsworth commented 2 months ago

TODO: as per https://www.enisa.europa.eu/publications/post-quantum-cryptography-integration-study section 4.2, might need to specify behaviour in light of KEMs with a non-zero failure probability.

ounsworth commented 1 month ago

We probably need to at least mention that decapsulation failure is a possible result of calling CompositeML-KEM.decaps(). Borrow language from, or reference, draft-ietf-lamps-cms-kyber ?