Specification for Kyber in GnuPG
Werner Koch
wk at gnupg.org
Mon May 6 14:59:08 CEST 2024
On Mon, 6 May 2024 14:49, Simon Josefsson said:
> Werner Koch via Gnupg-devel <gnupg-devel at gnupg.org> writes:
>
>> + - Prepare fixedInfo as specified above
>>
>> - Compute KEK := multiKeyCombine(eccKeyShare, eccCipherText,
>> mlkemKeyShare, mlkemCipherText, fixedInfo, 256) as defined in
>> - Section [](#KEM-Key-Combiner).
>> + Section [](#kem-key-combiner).
>
> Where is multiKeyCombine defined? I can't find it in
Line 6133 in the draft I posted today to librepgp-discuss
https://lists.gnupg.org/pipermail/librepgp-discuss/2024/000068.html
> draft-koch-librepgp-00 nor in your patch. I'm happy you included the
> ciphertext in the combiner, but I'm trying to work out how strong the
> binding to the Kyber public key material this has.
That is the same as in draft-wussler-openpgp-pqc-03.txt.
> Is the source code of the file this patch is against public? It is
> easier to review a patched version of an entire document than a patch
> against an unknown file.
git://git.gnupg.org/people/wk/rfc4880bis.git
and take rfc4880bis.md
Shalom-Salam,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20240506/47fdb385/attachment.sig>
More information about the Gnupg-devel
mailing list