RFR: 8298390: Implementing ML-KEM key encapsulation mechanism [v5]
Weijun Wang
weijun at openjdk.org
Mon Nov 4 18:55:59 UTC 2024
On Tue, 15 Oct 2024 22:17:26 GMT, Ben Perez <bperez at openjdk.org> wrote:
>> Java implementation of ML-KEM, the [FIPS 203](https://csrc.nist.gov/pubs/fips/203/final) post-quantum KEM scheme. Depends on https://github.com/openjdk/jdk/pull/21167
>
> Ben Perez has updated the pull request incrementally with one additional commit since the last revision:
>
> NamedParameterSpec constants
Please implement the key checks at the beginnings of sections 7.2 and 7.3 of FIPS 203 in `implCheckPublicKey` and `implCheckPrivateKey` so it can be detected earlier in `newEncapsulator` and `newDecapsulator`.
The current `isValidDecapsulationKey` does not include the hash check.
src/java.base/share/classes/com/sun/crypto/provider/ML_KEM_Provider.java line 131:
> 129: public byte[][] implEncapsulate(String name, byte[] encapsulationKey, Object ek, SecureRandom secureRandom) {
> 130: byte[] randomBytes = new byte[32];
> 131: secureRandom.nextBytes(randomBytes);
`secureRandom` could be null. Provide a default one.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/21478#issuecomment-2455448241
PR Review Comment: https://git.openjdk.org/jdk/pull/21478#discussion_r1828224071
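The two input checks the review refers to, written out as an added illustration rather than code from the pull request: the FIPS 203 section 7.2 encapsulation-key check (length, then every 12-bit coefficient reduced mod q, which is what the ByteEncode12/ByteDecode12 round trip tests) and the section 7.3 decapsulation-key check (length, then the embedded H(ek) compared against SHA3-256 of the embedded ek). The class and method names are hypothetical; k is 2, 3 or 4 for ML-KEM-512/768/1024.

```java
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

// Hypothetical helper illustrating the FIPS 203 7.2 / 7.3 key checks.
final class MlKemKeyChecks {
    private static final int Q = 3329;

    // Section 7.2: ek = ByteEncode12(t-hat) (384k bytes) || rho (32 bytes)
    static void checkEncapsulationKey(byte[] ek, int k) throws InvalidKeyException {
        if (ek == null || ek.length != 384 * k + 32) {
            throw new InvalidKeyException("wrong encapsulation key length");
        }
        // Modulus check: each 12-bit little-endian coefficient must be < q.
        // ByteDecode12 reduces mod q, so any value >= q would not re-encode
        // to the same bytes; this loop is that round-trip test done directly.
        for (int i = 0; i < 384 * k; i += 3) {
            int b0 = ek[i] & 0xff, b1 = ek[i + 1] & 0xff, b2 = ek[i + 2] & 0xff;
            int c0 = b0 | ((b1 & 0x0f) << 8);
            int c1 = (b1 >>> 4) | (b2 << 4);
            if (c0 >= Q || c1 >= Q) {
                throw new InvalidKeyException("coefficient not reduced mod q");
            }
        }
    }

    // Section 7.3: dk = s-hat (384k) || ek (384k+32) || H(ek) (32) || z (32)
    static void checkDecapsulationKey(byte[] dk, int k) throws InvalidKeyException {
        if (dk == null || dk.length != 768 * k + 96) {
            throw new InvalidKeyException("wrong decapsulation key length");
        }
        byte[] ek = Arrays.copyOfRange(dk, 384 * k, 768 * k + 32);
        byte[] storedHash = Arrays.copyOfRange(dk, 768 * k + 32, 768 * k + 64);
        byte[] h;
        try {
            h = MessageDigest.getInstance("SHA3-256").digest(ek); // H in FIPS 203
        } catch (NoSuchAlgorithmException e) {
            throw new InvalidKeyException("SHA3-256 unavailable", e);
        }
        // Hash check, using the constant-time comparison from MessageDigest
        if (!MessageDigest.isEqual(h, storedHash)) {
            throw new InvalidKeyException("decapsulation key hash mismatch");
        }
    }
}
```

Calling these from the key-import path rejects a malformed key when the encapsulator or decapsulator is created instead of when the first encapsulation or decapsulation runs.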