https://community.isc2.org/t5/Tech-Talk/TLS-v1-3-for-PQC/m-p/66593#M4258 <P>Hi All</P><P>&nbsp;</P><P><SPAN class=""><SPAN>What's the issue?<BR />Everything in TLS, including versions 1.2 and 1.3 is sent using data records with a limit in size. That limit was established long ago, but PQC algorithms may have larger public key sizes and cyphertexts. So, a modification to TLS1.3 might be needed to allow for larger data records.<BR /><BR />The discussion section of the "Hybrid key exchange in TLS 1.3" draft RFC (<A href="https://lnkd.in/da5vbMac" target="_self">https://lnkd.in/da5vbMac</A>, draft-ietf-tls-hybrid-design-09) by <A href="https://www.linkedin.com/in/ACoAAAIwv0gBY4TCfqto30IMW3fj7-cdlZwIAAU" target="_blank" rel="noopener">Douglas Stebila</A>, <A href="https://www.linkedin.com/in/ACoAAEEIsAIBWhcCr955VG_7P5VejMEV29tdtnc" target="_blank" rel="noopener">Scott Fluhrer</A> and <A href="https://www.linkedin.com/in/ACoAAAEMGIgBQdsgldMP3_0AJHLx6M4LU92qsM8" target="_blank" rel="noopener">Shay Gueron</A> explains that, although some post-quantum KEMs have larger public keys and/or ciphertexts (Classic McEliece's smallest parameter set has public key size 261,120 bytes), all defined parameter sets for Kyber have public keys and ciphertexts that fall within the TLS constraints (2^16-1 bytes).</SPAN></SPAN></P><P>&nbsp;</P><P><SPAN class=""><SPAN>Regards</SPAN></SPAN></P><P>&nbsp;</P><P><SPAN class=""><SPAN>Caute_Cautim</SPAN></SPAN></P> Thu, 25 Jan 2024 22:52:28 GMT Caute_cautim 2024-01-25T22:52:28Z https://community.isc2.org/t5/Tech-Talk/TLS-v1-3-for-PQC/m-p/66593#M4258 <P>Hi All</P><P>&nbsp;</P><P><SPAN class=""><SPAN>What's the issue?<BR />Everything in TLS, including versions 1.2 and 1.3 is sent using data records with a limit in size. That limit was established long ago, but PQC algorithms may have larger public key sizes and cyphertexts. So, a modification to TLS1.3 might be needed to allow for larger data records.<BR /><BR />The discussion section of the "Hybrid key exchange in TLS 1.3" draft RFC (<A href="https://lnkd.in/da5vbMac" target="_self">https://lnkd.in/da5vbMac</A>, draft-ietf-tls-hybrid-design-09) by <A href="https://www.linkedin.com/in/ACoAAAIwv0gBY4TCfqto30IMW3fj7-cdlZwIAAU" target="_blank" rel="noopener">Douglas Stebila</A>, <A href="https://www.linkedin.com/in/ACoAAEEIsAIBWhcCr955VG_7P5VejMEV29tdtnc" target="_blank" rel="noopener">Scott Fluhrer</A> and <A href="https://www.linkedin.com/in/ACoAAAEMGIgBQdsgldMP3_0AJHLx6M4LU92qsM8" target="_blank" rel="noopener">Shay Gueron</A> explains that, although some post-quantum KEMs have larger public keys and/or ciphertexts (Classic McEliece's smallest parameter set has public key size 261,120 bytes), all defined parameter sets for Kyber have public keys and ciphertexts that fall within the TLS constraints (2^16-1 bytes).</SPAN></SPAN></P><P>&nbsp;</P><P><SPAN class=""><SPAN>Regards</SPAN></SPAN></P><P>&nbsp;</P><P><SPAN class=""><SPAN>Caute_Cautim</SPAN></SPAN></P> Thu, 25 Jan 2024 22:52:28 GMT https://community.isc2.org/t5/Tech-Talk/TLS-v1-3-for-PQC/m-p/66593#M4258 Caute_cautim 2024-01-25T22:52:28Z https://community.isc2.org/t5/Tech-Talk/TLS-v1-3-for-PQC/m-p/66598#M4259 Need to get my TLS OOB ready for PQC or my TLAs might require LMW and my data be SOI just as my CEO goes AFK!<BR /><BR />Once the business lingo is fixed with the bigwigs I can have a nice leisurely digest of Pot Quantum Cryptography via the Request For Comments… <span class="lia-unicode-emoji" title=":face_with_tongue:">😛</span><BR /> Fri, 26 Jan 2024 01:44:13 GMT https://community.isc2.org/t5/Tech-Talk/TLS-v1-3-for-PQC/m-p/66598#M4259 Early_Adopter 2024-01-26T01:44:13Z