Re: [pqc-forum] Abridged summary of pqc-forum@list.nist.gov - 8 updates in 1 topic


Tushar Patel

Sep 11, 2025, 10:02:21 AM
to pqc-...@list.nist.gov
Though unrelated, there are other challenges relating to using floating point, which can be hardware, software, or software emulation, forcing NIST to then include the specific FPU/IEEE/ISO precision types in CAVP and CMVP and also then a complete new set of requirements on subcomponents like SSE, AVX versions and also related to complete functionality within Enclaves (or equivalents like common/approved enclave instruction sets), RTL, etc. Finally, it will be required to validate Software modules to make sure the floating point instructions do not extend beyond the SW or HW license (my prediction is that we would need to start such testing to prevent future multi-year licensing court cases so that business can function with the least IP-related stress, slip-ins leading to vulnerabilities (for lack of a more precise adversarial term)).

On Wed, Sep 10, 2025 at 8:07 PM <pqc-...@list.nist.gov> wrote:
niux_d...@icloud.com: Sep 09 05:31PM +0800

My two cents here:
 
Make integer/fixed-point arithmetic Gaussian sampler a 'baseline' choice for implementations and specify in sufficient detail for secure and portable implementation.
...more
niux_d...@icloud.com: Sep 10 06:42AM +0800

I guess what I mean is: since we aim for crypto algorithm agility, crypto API agility, we might as well also aim for crypto implementation *technique* agility.
 
So the disclaimer: I'm not a ...more
dustin...@nist.gov <dustin...@nist.gov>: Sep 10 11:02AM -0700

All,
 

 
NIST seeks to make our cryptographic standards as self-contained
as possible. We are happy to share that for FIPS 206, the draft standard
for FN-DSA (Falcon), we have ...more
Sophie Schmieg <ssch...@google.com>: Sep 10 11:50AM -0700


> Cheers,
> -markku
 
> Consider adding support for exp in particular, that is fairly tricky to
get right otherwise, unless the spec specifically talks about what
algorithm to use to avoid ...more
Sophie Schmieg <ssch...@google.com>: Sep 10 11:58AM -0700

Oh and, div. Basically go through the FN-DSA spec and look at all the
floating point operations required that I needed to dust off my old
numerical analysis lecture notes for, I'd much rather have ...more
Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu>: Sep 10 07:03PM

Wouldn't it still be better to ditch the Floating Point?
 

 
Regards,
 
Uri
 
Secure Resilient Systems and Technologies
 
MIT Lincoln Laboratory
 
On Sep 10, 2025, at 14:59, 'Sophie Schmieg' ...more
Sophie Schmieg <ssch...@google.com>: Sep 10 12:08PM -0700

Definitely, but at that point you are no longer talking about Falcon. I'm
just pointing to the specific, very difficult to implement in constant
time, algorithms that are used in the spec. ...more
Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu>: Sep 10 08:52PM

Definitely, but at that point you are no longer talking about Falcon.
 
I’d rather have a strong and validate-able algorithm/standard, than try to preserve the minutia of ...more