Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make RSA 4096 combos #24

Closed
ounsworth opened this issue Jul 12, 2024 · 7 comments
Closed

Make RSA 4096 combos #24

ounsworth opened this issue Jul 12, 2024 · 7 comments
Assignees
@johngray-dev

Comments

@ounsworth
Copy link
Contributor

ounsworth commented Jul 12, 2024
edited
Loading

We have been asked to add RSA-4096 combos for existing infrastructures where deployed software or policy requires 4096 bit keys.

Suggestion is that since RSA 4096 is not much above 128 bit security (certainly not as much as AES-192 or SHA-384), we should pair it with the same cipher suites as the RSA-3072 combo. Or maybe even replace the 3072 combo?
@janklaussner
Copy link
Collaborator

@ounsworth I would rather add combinations, and yes, the same as with RSA 3072.

  1. RSA 4096 is expensive when I think of our smart card products
  2. RSA 3072 is expected to be secure enough at least till 2030 by BSI
  3. not even RSA 1024 is cracked till now (80 bits security) so I expect it to last 10 more years... without CRQC of course

@janklaussner janklaussner mentioned this issue Jul 19, 2024
Closed
@ounsworth
Copy link
Contributor Author

Should we drop the key size from the OID at all?

Yes: Piotr, Scott
No: Tim, Sophie, Mike

@johngray-dev
Copy link
Collaborator

Group decided to add two new RSA 4096 combinations... one for PKCS 1.5, and PSS...

This was referenced Aug 16, 2024
Closed
Closed
@johngray-dev johngray-dev self-assigned this Sep 25, 2024
@johngray-dev
Copy link
Collaborator

We decided to add these combinations:

MLDSA65-RSA4096-PKCS15-SHA512
MLDSA65-RSA4096-PSS-SHA512

We decided to keep the RSA keysize in the OID definiton

@johngray-dev
Copy link
Collaborator

closes #23

@johngray-dev johngray-dev reopened this Sep 25, 2024
@johngray-dev
Copy link
Collaborator

Didn't mean to close

johngray-dev added a commit that referenced this issue Sep 25, 2024
@johngray-dev
Update draft-ietf-lamps-pq-composite-sigs.md
16c1d9a 
Closes #22    -  Updated text to match correctly also accounting for #23 and #24
@johngray-dev
Copy link
Collaborator

4096 combinations added in pull #51 - Closing this ticket

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@johngray-dev johngray-dev

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ounsworth @johngray-dev @janklaussner