cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

TLS v1.3 for PQC

Hi All

 

What's the issue?
Everything in TLS, including versions 1.2 and 1.3 is sent using data records with a limit in size. That limit was established long ago, but PQC algorithms may have larger public key sizes and cyphertexts. So, a modification to TLS1.3 might be needed to allow for larger data records.

The discussion section of the "Hybrid key exchange in TLS 1.3" draft RFC (https://lnkd.in/da5vbMac, draft-ietf-tls-hybrid-design-09) by Douglas Stebila, Scott Fluhrer and Shay Gueron explains that, although some post-quantum KEMs have larger public keys and/or ciphertexts (Classic McEliece's smallest parameter set has public key size 261,120 bytes), all defined parameter sets for Kyber have public keys and ciphertexts that fall within the TLS constraints (2^16-1 bytes).

 

Regards

 

Caute_Cautim

1 Reply
Early_Adopter
Community Champion

Need to get my TLS OOB ready for PQC or my TLAs might require LMW and my data be SOI just as my CEO goes AFK!

Once the business lingo is fixed with the bigwigs I can have a nice leisurely digest of Pot Quantum Cryptography via the Request For Comments… 😛