Re: [pqc-forum] Abridged summary of pqc-forum@list.nist.gov - 7 updates in 4 topics


Tushar Patel

Sep 10, 2024, 9:01:36 AM
to pqc-...@list.nist.gov
A suggestion for embedded systems would be to enforce ACVTS; in this case all testing will be online and prevents the need for storing any vectors, or alternatively use a device-specific storage scheme so that systems cannot mimic the results. Wish we could design processor ID or device ID specific vectors.

Even if they are not networked they can support it through the low-level firmware, processor bridge, JTAG, etc., and requiring an approved ACVTS intermediary.



On Tue, Sep 10, 2024 at 5:25 AM <pqc-...@list.nist.gov> wrote:
Sofia Ramirez <sofarm...@gmail.com>: Sep 10 12:50AM -0700

Hi all,
 
For FIPS 204 (level 5) the size of public key, secret key and signature are
about 12KB in total. For KAT on an embedded system, it needs to store at
least these amounts as test vectors! ...more
Stephan Mueller <smue...@chronox.de>: Sep 10 06:57AM -0500

Am Dienstag, 10. September 2024, 02:50:27 GMT-5 schrieb Sofia Ramirez:
 
Hi Sofia,
 
> However, memory resources in embedded system are often limited. Do you have
> any suggestion or best practices ...more
Scott Fluhrer (sfluhrer) <sflu...@cisco.com>: Sep 10 12:09PM

And, instead of storing the expected signature for the KAT, would it be sufficient to store the (approved) hash of that signature?
 
With that and Stephan's suggestion (and with the message being ...more
Stephan Mueller <smue...@chronox.de>: Sep 10 07:15AM -0500

Am Dienstag, 10. September 2024, 07:09:14 GMT-5 schrieb 'Scott Fluhrer
(sfluhrer)' via pqc-forum:
 
Hi Scott,
 
> And, instead of storing the expected signature for the KAT, would it be ...more
D. J. Bernstein <d...@cr.yp.to>: Sep 10 07:46AM +0200

We have run CAT to obtain high-assurance predictions for the cost of
various non-quasi-cyclic ISD attacks against the following parameters:
 
* (24646,134), as in attacking BIKE-1 messages. ...more
Moody, Dustin (Fed) <dustin...@nist.gov>: Sep 09 05:58PM

Everybody,
 
NIST is planning for our 6th PQC Standardization Conference. The tentative dates will be September 24-26, 2025, and the conference will be held at NIST. We will announce further ...more
ahmed alotaibi <alou...@gmail.com>: Sep 09 09:28AM -0700

Hello,
 
I am researching lattice-based cryptography and fully homomorphic
encryption, and I have a question regarding the use of prime numbers in
these systems.
 
Specifically, I am interested ...more
You received this digest because you're subscribed to updates for this group. You can change your settings on the group membership page.
To unsubscribe from this group and stop receiving emails from it send an email to pqc-forum+...@list.nist.gov.

COSTA Graham

Sep 10, 2024, 9:14:42 AM
to Tushar Patel, pqc-...@list.nist.gov


I don’t think this works if you were to pursue FIPS 140.  The logic related to performing the KAT needs to be within the boundary of the module.  For ACVTS, the logic dictating pass or fail is an external dependency.

 

I endorse the suggestions made by Stephan and Scott.

--
You received this message because you are subscribed to the Google Groups "pqc-forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pqc-forum+...@list.nist.gov.
To view this discussion on the web visit https://groups.google.com/a/list.nist.gov/d/msgid/pqc-forum/CAE3Q5jfoCF%2BF1RYa%2B3fkOV3_rRx04sYCZUhnrGrvTN-Ok_Q7sw%40mail.gmail.com.
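The approach Scott raised and Graham endorsed, written out as an added example (not code from any poster, NIST, or a FIPS 204 implementation): the module keeps only an approved hash of the expected KAT signature rather than the signature itself, and the comparison logic runs inside the module. The signing routine below is a constructed deterministic stand-in (HMAC-SHA256), not ML-DSA; with real ML-DSA this only works for the deterministic signing variant in FIPS 204 (or a fixed `rnd` input), and the hash used must itself have passed its own KAT inside the module boundary before the signature KAT relies on it. The key, message and fault model are constructed; the 4627-byte ML-DSA-87 signature size is from FIPS 204.

```python
"""KAT with a hashed expected value (added example, not from the thread).

A real module would sign with ML-DSA (FIPS 204); here the signing routine is a
constructed stand-in so the example runs offline.
"""
import hashlib
import hmac

# Constructed KAT inputs: placeholders, not real ML-DSA test vectors.
KAT_SK = bytes(range(32))            # stand-in secret key
KAT_MSG = b"pqc-forum KAT message"   # fixed KAT message


def stand_in_sign(sk: bytes, msg: bytes) -> bytes:
    """Deterministic stand-in for a signature (HMAC-SHA256, constructed).
    Determinism is the property the hashed-KAT scheme depends on."""
    return hmac.new(sk, msg, hashlib.sha256).digest()


def reference_digest(sign, sk: bytes, msg: bytes) -> bytes:
    """Build-time step: run the reference implementation once and keep only
    SHA-256 of its signature. This 32-byte value is what the device stores
    instead of the full expected signature."""
    return hashlib.sha256(sign(sk, msg)).digest()


def run_kat(sign, stored_digest: bytes) -> bool:
    """Power-up step, inside the module boundary: sign the fixed message and
    compare the hash of the result against the stored digest. The pass/fail
    decision is local, so there is no external dependency as with ACVTS."""
    sig = sign(KAT_SK, KAT_MSG)
    return hmac.compare_digest(hashlib.sha256(sig).digest(), stored_digest)


def broken_sign(sk: bytes, msg: bytes) -> bytes:
    """Constructed fault model: one flipped bit in the signature output,
    which the hashed comparison must still catch."""
    sig = bytearray(stand_in_sign(sk, msg))
    sig[0] ^= 0x01
    return bytes(sig)


# ML-DSA-87 signature size from FIPS 204 (the level-5 parameter set the
# thread refers to), for comparing against a 32-byte stored digest.
ML_DSA_87_SIG_BYTES = 4627


def storage_saved(sig_len: int = ML_DSA_87_SIG_BYTES, digest_len: int = 32) -> int:
    """Bytes no longer needed in non-volatile storage for the expected value."""
    return sig_len - digest_len


if __name__ == "__main__":
    stored = reference_digest(stand_in_sign, KAT_SK, KAT_MSG)
    print("KAT, correct implementation:", run_kat(stand_in_sign, stored))
    print("KAT, faulty implementation: ", run_kat(broken_sign, stored))
    print("bytes saved for ML-DSA-87 signature:", storage_saved())
```

The saving only covers the expected signature; the KAT key pair and message still have to be present (or derived deterministically from a seed) for the module to produce a signature at all, which is why the thread discusses the hashed expected value together with how the message and keys are obtained.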
