Dear all, I have submitted another new draft, called Composite ML-DSA Authentication in the IKEv2.
The basic idea is to collectively introduce a category of hybrid signatures in the IKEv2, by following the 27 variants of composite ML-DSA signatured specified in [draft-ietf-lamps-pq-composite-sigs]. Again, this is also achieve by employing the SUPPORTED_AUTH_METHODS Notify defined in RFC 9539, via adding a new value (15) (TBD) for composite ML-DSA Authentication, as the authentication method in the " IKEv2 Authentication Method" registry, maintained by IANA. It seems better to not directly defining separate authentication methods for all these composite ML-DSA, I think. In this way, the " IKEv2 Authentication Method" registry looks simpler and all of these concrete algorithms will belong to the same category of authentication method. This may help authentication negation in the IKEv2 as well. [draft-ietf-lamps-pq-composite-sigs] M. Ounsworth, M., Gray, J., Pala, M., J. Klaussner, J., and S. S. Fluhrer Composite ML-DSA For use in X.509 Public Key Infrastructure and CMS https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/. Welcome to comment! Guilin -----Original Message----- From: internet-dra...@ietf.org <internet-dra...@ietf.org> Sent: Tuesday, 4 March 2025 6:40 am To: Wang Guilin <wang.gui...@huawei.com>; Wang Guilin <wang.gui...@huawei.com> Subject: New Version Notification for draft-wang-ipsecme-composite-mldsa-auth-ikev2-00.txt A new version of Internet-Draft draft-wang-ipsecme-composite-mldsa-auth-ikev2-00.txt has been successfully submitted by Guilin Wang and posted to the IETF repository. Name: draft-wang-ipsecme-composite-mldsa-auth-ikev2 Revision: 00 Title: Composite ML-DSA Authentication in the IKEv2 Date: 2025-03-03 Group: Individual Submission Pages: 12 URL: https://www.ietf.org/archive/id/draft-wang-ipsecme-composite-mldsa-auth-ikev2-00.txt Status: https://datatracker.ietf.org/doc/draft-wang-ipsecme-composite-mldsa-auth-ikev2/ HTML: https://www.ietf.org/archive/id/draft-wang-ipsecme-composite-mldsa-auth-ikev2-00.html HTMLized: https://datatracker.ietf.org/doc/html/draft-wang-ipsecme-composite-mldsa-auth-ikev2 Abstract: This draft specifies composite ML-DSA authentication in the Internet Key Exchange Protocol Version 2 (IKEv2) [RFC7296]. Namely, the authenticaiton in the IKEv2 is completed by using a compiste signature of ML-DSA [FIPS203], the newly post-quantum digital singature standard, and one of the following traditional singature algorithms, SA-PKCS#1v1.5, RSA-PSS, ECDSA, Ed25519, and Ed448. These concrete composite algorithm specifications follow [OGPKF24]. Composite ML-DSA authenticatio is achieved by asking to add a new value in the "IKEv2 Authentication Method" registry [IANA-IKEv2], mantained by IANA. After that, two peers MUST send the SUPPORTED_AUTH_METHODS Notify, defined in [RFC9593], to negotiate the specific composite ML-DSA algoithms. [EDNOTE: Code points for composite ML-DSA authentication may need to be assigned in the "IKEv2 Authentication Method" registry, maintained by IANA] The IETF Secretariat _______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org
