Hybrid key exchange in Common Criteria and CSfC

40 views

Skip to first unread message

mike...@gmail.com

unread,

8:02 AM (2 hours ago) 8:02 AM

to pqc-forum

While there have been communications about how and when CNSA 2.0 algorithms will be allowed for common criteria and CSfC, I have not seen anything about the inclusion of PQC-related protocol standards. A few of interest include:

RFC 9370 (and related specifications) for IPsec/IKEv2
Hybrid key exchange for TLS (draft)
Post-quantum Hybrid Key Exchange in SSH (draft)

Many companies are pursuing the use of hybrid key exchange methods, at least initially, to address FIPS certification challenges (and other reasons). Going this route will allow companies to accelerate PQC offerings by 1 to 2 years by leveraging existing FIPS certified crypto libraries for the initial key exchange.

Do you expect these protocol standards to be allowed, at least initially, for CNSA 2.0 in common criteria and CSfC? Or stated another way, will anything be included in the requirements that prevent their use for common criteria and CSfC certifications?

Reply all

Reply to author

Forward

0 new messages