proposal: crypto/tls: add support for NIST curve based ML-KEM hybrids #71206
Labels
Milestone
Comments
ianlancetaylor
added
the
Proposal-Crypto
|
CC @golang/security |
|
We were planning to ship at least the P-256 one in #69985, but with all the noise around making backwards incompatible changes to draft-kwiatkowski-tls-ecdhe-mlkem, we ended up shipping only the X25519 one, which at least has a large deployed base to hopefully protect it from changes. |
|
Related Issues (Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Proposal Details
The current version of the draft-kwiatkowski-tls-ecdhe-mlkem draft includes two hybrid ML-KEM groups that use NIST curves:
As explained in the draft, they are interesting for environments that require compliance, either with FIPS in general, or with higher security standards, like the Common Criteria Protection Profile v4.3 or CNSA 2.0.
I'd like to ask for their inclusion in a future Go release.
The text was updated successfully, but these errors were encountered: