RFR: 8298390: Implementing ML-KEM key encapsulation mechanism [v11]
Valerie Peng
valeriep at openjdk.org
Wed Nov 6 00:03:33 UTC 2024
On Tue, 5 Nov 2024 21:47:07 GMT, Ben Perez <bperez at openjdk.org> wrote:
>> Java implementation of ML-KEM, the [FIPS 203](https://csrc.nist.gov/pubs/fips/203/final) post-quantum KEM scheme. Depends on https://github.com/openjdk/jdk/pull/21167
>
> Ben Perez has updated the pull request incrementally with one additional commit since the last revision:
>
> Added key validity checks to ML_KEM_Provider
src/java.base/share/classes/sun/security/util/KnownOIDs.java line 319:
> 317: ML_KEM_512("1.3.6.1.4.1.22554.5.6.1", "ML-KEM-512"),
> 318: ML_KEM_768("1.3.6.1.4.1.22554.5.6.2", "ML-KEM-768"),
> 319: ML_KEM_1024("1.3.6.1.4.1.22554.5.6.3", "ML-KEM-1024"),
Where are these OIDs from? It seems that NIST has different OIDs assigned to ML-KEM: https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration#KEM
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21478#discussion_r1830227169
More information about the security-dev
mailing list