RFR: 8298390: Implementing ML-KEM key encapsulation mechanism [v15]
Kevin Driver
kdriver at openjdk.org
Thu Nov 7 16:50:43 UTC 2024
On Thu, 7 Nov 2024 00:47:33 GMT, Ben Perez <bperez at openjdk.org> wrote:
>> Java implementation of ML-KEM, the [FIPS 203](https://csrc.nist.gov/pubs/fips/203/final) post-quantum KEM scheme. Depends on https://github.com/openjdk/jdk/pull/21167
>
> Ben Perez has updated the pull request incrementally with two additional commits since the last revision:
>
> - default random for encaps, supported alg in SunJCE
> - copyright header
src/java.base/share/classes/com/sun/crypto/provider/ML_KEM.java line 500:
> 498: byte[] kem_d, byte[] kem_z)
> 499: throws NoSuchAlgorithmException, DigestException {
> 500: var mlKemH = MessageDigest.getInstance("SHA3-256");
Should this algorithm be pulled out into a constant? Keccak is new-ish, but it may not be this forever and/or the output size may change from 256.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21478#discussion_r1833020568
More information about the security-dev
mailing list