Specification for Kyber in GnuPG

Simon Josefsson simon at josefsson.org
Mon May 6 14:49:46 CEST 2024


Werner Koch via Gnupg-devel <gnupg-devel at gnupg.org> writes:

> +  - Prepare fixedInfo as specified above
>  
>    - Compute KEK := multiKeyCombine(eccKeyShare, eccCipherText,
>      mlkemKeyShare, mlkemCipherText, fixedInfo, 256) as defined in
> -    Section [](#KEM-Key-Combiner).
> +    Section [](#kem-key-combiner).
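
Review bot: the cross-reference in the "Compute KEK" step still has empty link text, "Section [](#kem-key-combiner)", so a plain-text rendering shows no section name, and the section that defines multiKeyCombine is not among the visible lines. Consider giving the link a title and carrying the definition in the same patch. The argument list names the two key shares, the two ciphertexts and fixedInfo but no public key; if binding to the recipient's public key material is meant to come through fixedInfo, state that in this step.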

Where is multiKeyCombine defined?  I can't find it in
draft-koch-librepgp-00 nor in your patch.  I'm happy you included the
ciphertext in the combiner, but I'm trying to work out how strong a
binding to the Kyber public key material this has.

Is the source code of the file this patch is against public?  It is
easier to review a patched version of an entire document than a patch
against an unknown file.

/Simon