Automatic IETF Minutes

Markdown Version | Session Recording

Session Date/Time: 19 Mar 2024 07:30

# pquip

## Summary

The pquip working group meeting covered several topics related to post-quantum cryptography. Presentations included updates on the "PQC for Engineers" draft, the "Terminology" draft, the "Signature Spectrum" draft, and a "Post Quantum Migrations" draft. The meeting concluded with a discussion on hybrid signature schemes and potential standardization efforts.

## Key Discussion Points

*   **PQC for Engineers Draft:** Updates since IETF 118 include signature sizes for LMS schemes, clarification on cipher commitment in canVAS Diffie-Hellman, and name changes to ML-KEM/ML-DSA.
*   **Terminology Draft:** Working group last call revealed that the draft needs further work. Key considerations include the timing of publication relative to NIST's draft, the definition of "composite," and the specific terms to be included.
*   **Signature Spectrum Draft:** The draft is being updated based on feedback and a new version will be available soon.
*   **Post Quantum Migrations Draft:** The document aims to create a taxonomy of use cases and approaches for post-quantum crypto. It is currently focused on digital signatures. The chairs requested feedback on the draft.
*   **Stateful Hash-Based Signature Schemes:** Discussion on operational considerations for stateful hash-based signatures focusing on the challenges of managing state and ensuring reliable deployments and backups.
*   **Hybrid Signature Schemes:** In depth discussion of composite, unlinked multiple signatures, linked multiple signatures and counter signatures, and how they relate to existing RFCs. Security properties of each was explored.
*   **Standardization:** Explored potential benefits and drawbacks of standardization, including the potential for interoperability and the impact on combinatorics. There was a call for protocols to define their required security properties for hybrid schemes.
*   **Security Properties:** The working group agreed that it is essential to understand the security properties that IETF protocols need from hybrid schemes.

## Decisions and Action Items

*   **Terminology Draft:** Update the draft based on the working group last call comments and other comments on the list and present the draft at the April interim meeting.
*   **Steven:** Prime the mailing list with a named anti-pattern relevant to the terminology draft.
*   **Signature Spectrum Draft:** Authors to release a new draft incorporating feedback and trigger an adoption call.

## Next Steps

*   Continue discussion on the mailing list regarding the "PQC for Engineers" draft.
*   Update and continue discussion of terminology draft.
*   New draft of signature spectrum.
*   The Working Group will have 1 or 2 interims in the coming months before the next IETF meeting. The dates and times will be discussed on the list.
*   The Open PGP working group will discuss hybrid signatures.
*   Protocols should state required security properties.