RFR: 8297878: KEM: Implementation [v2]
Stephen Farrell
stephen.farrell at cs.tcd.ie
Fri Apr 14 00:27:23 UTC 2023
Hiya,
On 13/04/2023 23:35, Weijun Wang wrote:
>> Apologies for the interruption from the sidelines but I have a
>> query if that's ok.
>>
>> Is there any relationship between this work and RFC1980 which
>> defines HPKE, being a way of encrypting to a public value using a
>> KEM?
>
> We know about HPKE,
Of course:-)
> and it can makes use of the DHKEM implementation
> here (if the AuthEncap/AuthDecap functions are not used).
FWIW, I'm not aware of any protocol yet attempting to make
use of the authenticated HPKE modes, so that seems very
reasonable. (OTOH, it's not that hard for a library to
support all modes, so it may be worth some consideration.)
> However, we
> (Oracle's Java SE Security Team) don't have a plan to include HPKE
> inside OpenJDK yet.
Entirely fair. If doing so is of interest (to you or others),
I'd be happy to try help. (Ping me on/off-list if that is of
interest.)
> This PR is mainly about adding the KEM SPI so 3rd security providers
> can implement other KEM algorithms. DHKEM is included mainly to prove
> that the API is usable.
Grand. I'll get out of the way of this thread so:-) But
again, if interested, do reach out, as I'm keen to see ECH
support ending up widespread and HPKE is a fine precursor
for that.
Cheers,
S.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE4D8E9F997A833DD.asc
Type: application/pgp-keys
Size: 1197 bytes
Desc: OpenPGP public key
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20230414/418fe369/OpenPGP_0xE4D8E9F997A833DD.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20230414/418fe369/OpenPGP_signature.sig>
More information about the security-dev
mailing list