Support Cryptographic Right Answers Post Quantum Edition (2024) #2315
Description
Many things not mentioned in the Support Cryptographic Right Answers Post Quantum Edition (2024) post are not mentionned in the crypto appendix.
For example:
- ML-DSA-, Falcon-, Ed25519
- ML-KEM-
- X25519
- XSalsa20
Should these at least be mentioned as "approved"?
This is relevant for post quantum cryptography support.
Disclaimer: I don't know much about these.
Other topics
- Random IDs Use 256-bit random numbers → at least for L3, the length requirements should probably be upped when possible.
Possibly other things to consider, I've only skimmed the post for now.
| Topic | What is in the document | What we have | Comments |
|---|---|---|---|
| Encrypting Data | XSalsa20+Poly1305 | ChaCha20 | Mention Salsa20, XSalsa20, XChaCha20? Mention Poly1305 in the MAC section? |
| Symmetric key length | 256 bit keys | 128 bits / 112 bits | Should we increase the 128/112 bits at least for L3? |
| Hashing Algorithm | SHA-2 | SHA-2, etc. | OK |
| Symmetric “Signatures” | HMAC | HMAC, etc . | OK |
| Random IDs | 256 bit | We talk about UUID | Explicitely increase this value (for L2? L3?) |
| Password Handling | argon2id, scrypt, bcrypt, PBKDF2 | OK | |
| Key Exchange | X25519+ML-KEM-768 or P256+ML-KEM-768 | DH including Curve25519 | Shall we add ML-KEM-768 somewhere? |
| Asymmetric Signatures | Nacl, Ed25519, Ed25519+ML-DSA-65, P256+ML-DSA-65 | Add ML-DSA-65? |