| rfc9881v6.txt | rfc9881.txt | |||
|---|---|---|---|---|
| skipping to change at line 884 ¶ | skipping to change at line 884 ¶ | |||
| elected to define security levels by picking a reference scheme, | elected to define security levels by picking a reference scheme, | |||
| which NIST expects to offer notable levels of resistance to both | which NIST expects to offer notable levels of resistance to both | |||
| quantum and classical attacks. To wit, an algorithm that achieves | quantum and classical attacks. To wit, an algorithm that achieves | |||
| NIST PQC security level 1 must require computational resources to | NIST PQC security level 1 must require computational resources to | |||
| break the relevant security property, which are greater than those | break the relevant security property, which are greater than those | |||
| required for a brute-force key search on AES-128. Levels 3 and 5 use | required for a brute-force key search on AES-128. Levels 3 and 5 use | |||
| AES-192 and AES-256 as references, respectively. Levels 2 and 4 use | AES-192 and AES-256 as references, respectively. Levels 2 and 4 use | |||
| collision search for SHA-256 and SHA-384 as references. | collision search for SHA-256 and SHA-384 as references. | |||
| The parameter sets defined for NIST security levels 2, 3, and 5 are | The parameter sets defined for NIST security levels 2, 3, and 5 are | |||
| listed in Figure 1, along with the resulting signature size, public | listed in Table 2, along with the resulting signature size, public | |||
| key, and private key sizes in bytes. Note that these are the sizes | key, and private key sizes in bytes. Note that these are the sizes | |||
| of the raw keys, not including ASN.1 encoding overhead from | of the raw keys, not including ASN.1 encoding overhead from | |||
| OneAsymmetricKey and SubjectPublicKeyInfo wrappers. Private key | OneAsymmetricKey and SubjectPublicKeyInfo wrappers. Private key | |||
| sizes are shown for both the seed format and expanded format. | sizes are shown for both the seed format and expanded format. | |||
| +=======+=======+=====+==========+========+=========+===========+ | +=======+=======+=====+==========+========+=========+===========+ | |||
| | Level | (k,l) | eta | Sig. (B) | Public | Private | Private | | | Level | (k,l) | eta | Sig. (B) | Public | Private | Private | | |||
| | | | | | Key(B) | Seed(B) | Expand(B) | | | | | | | Key(B) | Seed(B) | Expand(B) | | |||
| +=======+=======+=====+==========+========+=========+===========+ | +=======+=======+=====+==========+========+=========+===========+ | |||
| | 2 | (4,4) | 2 | 2420 | 1312 | 32 | 2560 | | | 2 | (4,4) | 2 | 2420 | 1312 | 32 | 2560 | | |||
| skipping to change at line 2653 ¶ | skipping to change at line 2653 ¶ | |||
| 2a632048eaf89e5cb4a88debc53a595103acce4f1cff18acff07afe1eb5716aa | 2a632048eaf89e5cb4a88debc53a595103acce4f1cff18acff07afe1eb5716aa | |||
| 1e40b63134c3a3ae9579fa87f515be093c2d29db6d6b65c93661e00636b59270 | 1e40b63134c3a3ae9579fa87f515be093c2d29db6d6b65c93661e00636b59270 | |||
| 4d093cc6716c2342eb1853d48c85c63ac8a2854462c7b77e7e3bd1eac5bca28f | 4d093cc6716c2342eb1853d48c85c63ac8a2854462c7b77e7e3bd1eac5bca28f | |||
| faa00b5d349f8a547ad875b96a8c2b2910c9301309a3f9138a5693111f55b3c0 | faa00b5d349f8a547ad875b96a8c2b2910c9301309a3f9138a5693111f55b3c0 | |||
| 09ca947c39dfc82d98eb1caa4a9cbe885f786fa86e55be062222f8ba90a97407 | 09ca947c39dfc82d98eb1caa4a9cbe885f786fa86e55be062222f8ba90a97407 | |||
| 3326b31212aece0a34a60` } | 3326b31212aece0a34a60` } | |||
| } | } | |||
| C.3. Example Certificates | C.3. Example Certificates | |||
| | The example certificates in this section have key usage bits | | NOTE: The example certificates in this section have key usage | |||
| | set to digitalSignature, keyCertSign, and cRLSign to lessen the | | bits set to digitalSignature, keyCertSign, and cRLSign to | |||
| | number of examples, i.e., brevity. Certificate Policies (CPs) | | lessen the number of examples, i.e., brevity. Certificate | |||
| | [RFC3647] for production CAs should consider whether this | | Policies (CPs) [RFC3647] for production CAs should consider | |||
| | combination is appropriate. | | whether this combination is appropriate. | |||
| NOTE: The following is a self-signed certificate for the ML-DSA-44 | The following is a self-signed certificate for the ML-DSA-44 public | |||
| public key in the previous section. The textual encoding [RFC7468] | key in the previous section. The textual encoding [RFC7468] is | |||
| is followed by the so-called "pretty print"; the certificates are the | followed by the so-called "pretty print"; the certificates are the | |||
| same. | same. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIPlDCCBgqgAwIBAgIUFZ/+byL9XMQsUk32/V4o0N44804wCwYJYIZIAWUDBAMR | MIIPlDCCBgqgAwIBAgIUFZ/+byL9XMQsUk32/V4o0N44804wCwYJYIZIAWUDBAMR | |||
| MCIxDTALBgNVBAoTBElFVEYxETAPBgNVBAMTCExBTVBTIFdHMB4XDTIwMDIwMzA0 | MCIxDTALBgNVBAoTBElFVEYxETAPBgNVBAMTCExBTVBTIFdHMB4XDTIwMDIwMzA0 | |||
| MzIxMFoXDTQwMDEyOTA0MzIxMFowIjENMAsGA1UEChMESUVURjERMA8GA1UEAxMI | MzIxMFoXDTQwMDEyOTA0MzIxMFowIjENMAsGA1UEChMESUVURjERMA8GA1UEAxMI | |||
| TEFNUFMgV0cwggUyMAsGCWCGSAFlAwQDEQOCBSEA17K0clSq4NtF55MNSpjSyX2P | TEFNUFMgV0cwggUyMAsGCWCGSAFlAwQDEQOCBSEA17K0clSq4NtF55MNSpjSyX2P | |||
| E5fReJ2voXAksxbpvslPyZRtQvGbeadBO7qjPnFJy0LtURVpOsBB+suYit61/g4d | E5fReJ2voXAksxbpvslPyZRtQvGbeadBO7qjPnFJy0LtURVpOsBB+suYit61/g4d | |||
| hjEYSZW1ksOX0ilOLhT5CqQUujgmiZrEP0zMrLwm6agyuVEY1ctDPL75ZgsAE44I | hjEYSZW1ksOX0ilOLhT5CqQUujgmiZrEP0zMrLwm6agyuVEY1ctDPL75ZgsAE44I | |||
| F/YediyidMNq1VTrIqrBFi5KsBrLoeOMTv2PgLZbMz0PcuVd/nHOnB67mInnxWEG | F/YediyidMNq1VTrIqrBFi5KsBrLoeOMTv2PgLZbMz0PcuVd/nHOnB67mInnxWEG | |||
| End of changes. 3 change blocks. | ||||
| 9 lines changed or deleted | 9 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||