Hi All,

We haven't gotten enough feedback on the proposed new APIs and decided to drop this JEP from JDK 21. It's still open and we can reconsider it in a future release.

We are still planning on an implementation of signature verification targeting JDK 21. You can read the CSR at https://bugs.openjdk.org/browse/JDK-8305973.

Thanks,
Max

> On Mar 20, 2023, at 5:51 PM, Wei-Jun Wang <weijun.w...@oracle.com> wrote:
>
> Hi All,
>
> We propose to add support for HSS/LMS as a Signature algorithm to JCA/JCE.
>
> All currently widely used digital signature schemes, including DSA, RSA,
> ECDSA, and EdDSA, have the potential to be broken if large scale quantum
> computers are ever built. However, the security of HSS/LMS depends only on
> the security of the underlying hash functions, and it is believed that the
> security of hash functions will not be broken by the development of
> large-scale quantum computers.
>
> We have drafted a JEP for adding this support (see link below). We propose to
> add a new standard name and some new APIs. We will also provide an
> implementation of signature verification which would be integrated into an
> existing JDK security provider.
>
> We don’t plan to provide implementations of key pair generation and signature
> generation out-of-box as they should be implemented in hardware. However, we
> believe third party vendors will be interested in implementing them (in a
> “hardware cryptographic module”) and exposing the functions through a Java
> security provider. Thus we are proposing an HSSGenParameterSpec class to
> initialize the KeyPairGenerator for HSS/LMS. We also are proposing to define
> new interfaces named HSSLMSPrivateKey and HSSLMSPublicKey where you can read
> parameters from the keys. There is a keysRemaining() method where you can
> find out how many LM-OTS keys are left.
>
> You can read the draft JEP at https://openjdk.org/jeps/8303541.
>
> Feel free to add any comment here.
>
> Thanks,
> Max