Minutes of the October 1st, 2024 Meeting

[johngray-dev]

Present:
Christopher Wildfeuer, Markku-Juhani Saarinen, Austin Lin, Abel C. H. Chen, James Tung, Daniel Van Geest, Carl Wallace, Julien Prat, Varun Chatterji, Piotr Popis, David Hook, Okubu Tomofumi, Corey Bonnell, John Gray

Welcomed new Members: Varun Chatterji and Piotr Popis

• Varan is working on Faced Based AI (used biometrics to re-compute private keys)
• Peter working at a company called Enigma and working on certificates

Items Discussed:

• Next Hackathon is November 2nd and 3rd. In person in Dublin or Online. John will send out a invite by e-mail.
• Discussed the v4 certificate format. Differences are we have standard algorithms, it is now in DER format and - is used.
• Artifacts should be submitted in a pull request, and use the v4 format
• Did a round table to discuss what we are planning to work on for the next hackathon:

Mike Ounsworth - Automation of Github Repo

John Gray - Work to update Composite Signatures and possibly KEM artifacts

David Hook - Update to the Delta Certificate format to get rid of implicit. Also working on getting BouncyCastle users that make use of external certificates. Submit some artifacts using the external format. Will use a prefix with "external" in the format. The public key would have to be in a separate file (so it can be externally retrieved).

Daniel Van Geest - Not sure if he can attend the hackathon. NIST artifacts are ready. Verified against what David Hook did with Pre-hash. Draft Dilithium certs, use an empty context string or empty?

• Marrku says the standard says the empty String is the default. For interoperability keep the empty String.
• Pre-Hash OIDs - Use case is only CRL's or large exoteric stuff.

Julian Pratt - Working on integrating the new algorithms, hash and sign. Will be able to push artifacts soon.

Varun - Will try to submit artifacts - will test with output from Carl's Rust tool - https://github.com/codespree/quantcrypt. Will at least do KEM and composites. Need them for his own work. Lot of tests in the library. Anyone with experience with Rust, people can join and contribute.

Piotr Popis - Will attend Hackathon in December. Discussed Composite - use internal layer hash. Pure ML-DSA is good since we use internal layer hash. Support that point of view. The _internal functions (using it might be confusing), not supposed to used internal. ACVP test does internal things. Lets hope they publish test vectors. Context String is optional and default - suggestion to put context string.

Felipe Ventura - Not able to be at Hackathon - Might be able to hop in to talk about what we are doing.

Corey Bonnell - He will think about what to do at the Hackathon

James Tung, Abel Chen - We will send new artifacts to the repository.

Christopher Wildfeuer - Will ask if some of his students to attend hackathon. Use of external keys in satellite communications would be extremely useful. We encourage Christopher to submit this to the IETF mailing list.

Carl Wallace - Still in holding pattern for ML-DSA in PQClean or RustCrypto for use in Rust crypto. Once available will submit updated artifacts. Has successfully verified BouncyCastle's SLH-DSA certificates. Will test composite KEM with Varun. Draft composite KEM support is here https://github.com/carl-wallace/kemri_toy/tree/composite.

Additional Discussion (Context Strings)

• Context String of ML-DSA - Context String in a certificate, you don't need to sign it again. Usual way of passing it would be an attribute. Application dependent, say a hard coded string. Kind of like Domain separator. Also Like a shared-secret. If one can present the same data within a certificate, then it makes sense to use it. What about SSL certificates? We don't think this will be used.
• Piotr Popis mentioned ETSI Technical specification 101733 makes use of context string. Maybe take a look there.