                    
                    
                        zzz
                    
                    
                        reminder: Proposal 169 2nd review today 7 PM UTC here
                    
                
                
                    
                        zzz
                    
                    
                        to see the proposal changes since the review:
                    
                
                
                    
                        zzz
                    
                    
                        git diff efc11074f4b65f473b78d6090d5aaec693bce170..HEAD 169-pq-crypto.rst
                     
                
                
                    
                        zzz
                    
                    
                        if you're here for the review, please say hi, even if you're just planning to lurk
                    
                
                
                    
                        RN
                    
                    
                        hi. just observing I think.
                    
                
                
                    
                        zzz
                    
                    
                        welcome RN
                    
                
                
                    
                        not_bob_afk
                    
                    
                        I'm here.
                    
                
                
                    
                        orignal
                    
                    
                        hi
                    
                
                
                    
                        eyedeekay
                    
                    
                        hi
                    
                
                
                    
                        altonen
                    
                    
                        hi
                    
                
                
                    
                        RN
                    
                    
                        ***  plays drumroll for drozd's entrance with enhanced css ***
                    
                
                
                    
                        RN
                    
                    
                        ***  giggles and hushes up ***
                    
                
                
                    
                        zzz
                    
                    
                        ok, welcome everybody
                    
                
                
                    
                        zzz
                    
                    
                        this is the second review of proposal 169, first reviewed on March 18
                    
                
                
                    
                        zzz
                    
                    
                        I'll summarize what's changed since the first review and then throw it open for discussion and comments
                    
                
                
                    
                        orignal
                    
                    
                        fine
                    
                
                
                    
                        zzz
                    
                    
                        The first review focused mostly on the MLKEM ratchet parts, so we can open it up more to the other parts today if people want
                    
                
                
                    
                        zzz
                    
                    
                        anyway, what changed:
                    
                
                
                    
                        zzz
                    
                    
                        I flopped around the sigtype numbers 12-17 as agreed to last time
                    
                
                
                    
                        zzz
                    
                    
                        minor fixes and comments throughout
                    
                
                
                    
                        dr|z3d
                    
                    
                        sorry, hi.
                    
                
                
                    
                        dr|z3d
                    
                    
                        ***  pokes RN ***
                    
                
                
                    
                        zzz
                    
                    
                        and added some references and discussion about the hash type open issue
                    
                
                
                    
                        zzz
                    
                    
                        that's about it, really not any major changes
                    
                
                
                    
                        zzz
                    
                    
                        I'll throw it open to the gang for discussion now
                    
                
                
                    
                        orignal
                    
                    
                        ratchets more or less work. what's next?
                    
                
                
                    
                        orignal
                    
                    
                        that's my question
                    
                
                
                    
                        zzz
                    
                    
                        you mean what's next for implementation?
                    
                
                
                    
                        orignal
                    
                    
                        yes
                    
                
                
                    
                        zzz
                    
                    
                        my guess on the order of things and schedule is the 'priorities and rollout' section near the bottom, please take a look
                    
                
                
                    
                        zzz
                    
                    
                        I continue to think that MLDSA is last. 
                    
                
                
                    
                        orignal
                    
                    
                        what about NTCP2/SSU2?
                    
                
                
                    
                        zzz
                    
                    
                        I think we need guidance from the CAB forum and that may take a year or more
                    
                
                
                    
                        orignal
                    
                    
                        CAB forum?
                    
                
                
                    
                        zzz
                    
                    
                        well, taking a look at the chart I referenced, those are middle priority
                    
                
                
                    
                        zzz
                    
                    
                        the CA/Browser forum that sets standards for SSL certificates. When they start mandating PQ they'll tell us what kind
                    
                
                
                    
                        zzz
                    
                    
                        I think that's probably a year out
                    
                
                
                    
                        orignal
                    
                    
                        so what we release? ratchets only?
                    
                
                
                    
                        zzz
                    
                    
                        we haven't discussed any release plan at all, on any timetable. My guess is in the proposal, but we're ahead of that schedule
                    
                
                
                    
                        orignal
                    
                    
                        I think you wanted to discuss hashes
                    
                
                
                    
                        zzz
                    
                    
                        one of the main things to do before talking about releases is getting dual-protocol ratchet like 6,4 implemented and tested
                    
                
                
                    
                        zzz
                    
                    
                        the other is hashes
                    
                
                
                    
                        zzz
                    
                    
                        I don't have any more info about hashes, other than I found a good reference for the SSH RFC
                    
                
                
                    
                        zzz
                    
                    
                        see SSH-HYBRID reference in our proposal
                    
                
                
                    
                        zzz
                    
                    
                        in it, they make some choices and add some security analysis. Not a lot, but some
                    
                
                
                    
                        zzz
                    
                    
                        anybody else had a chance to do any hash research since last week?
                    
                
                
                    
                        eyedeekay
                    
                    
                        I did a little
                    
                
                
                    
                        zzz
                    
                    
                        anything to report?
                    
                
                
                    
                        eyedeekay
                    
                    
                        There are basically zero people who say SHA256 is going to be broken with collisions or preimage attacks
                    
                
                
                    
                        eyedeekay
                    
                    
                        The concern if there is any seems to be slight, and about usability of the SHA2 for various applications
                    
                
                
                    
                        eyedeekay
                    
                    
                        There seem to be no serious problems with SHA2 itself as long as you use it right
                    
                
                
                    
                        zzz
                    
                    
                        tl;dr on the SSH RFC, they analyze what's important and what's not in Noise handshakes.
                    
                
                
                    
                        zzz
                    
                    
                        Their conclusion is two choices: MLKEM768+SHA256, and MLKEM1024+SHA384
                    
                
                
                    
                        eyedeekay
                    
                    
                        But the argument for blake2 or some other hash construction is that it arguably improves upon the fairly mild shortcomings of sha256
                    
                
                
                    
                        zzz
                    
                    
                        do we have any volunteers to lead the effort on further research and recommendations before the next meeting?
                    
                
                
                    
                        eyedeekay
                    
                    
                        I can keep going and try to find some Noise-specific pitfall of SHA2 use but I don't think I will from what I've seen so far
                    
                
                
                    
                        zzz
                    
                    
                        ok. the SSH reference may be helpful
                    
                
                
                    
                        eyedeekay
                    
                    
                        Ack, I'll read it for the next meeting
                    
                
                
                    
                        zzz
                    
                    
                        back to the rollout discussion for a moment
                    
                
                
                    
                        zzz
                    
                    
                        orignal, I think the EARLIEST I'd be comfortable with, and that's if we continue to make good progress and decisions, is:
                    
                
                
                    
                        zzz
                    
                    
                        beta in release this august, official in release this november
                    
                
                
                    
                        zzz
                    
                    
                        if we hit problems or I run out of time that could easily slip into next year
                    
                
                
                    
                        zzz
                    
                    
                        that's for MLKEM ratchet only
                    
                
                
                    
                        zzz
                    
                    
                        that would be 6 months ahead of the schedule in the proposal
                    
                
                
                    
                        zzz
                    
                    
                        what do you think?
                    
                
                
                    
                        zzz
                    
                    
                        not seeing anything from orignal. anybody else have comments?
                    
                
                
                    
                        dr|z3d
                    
                    
                        nothing from me.
                    
                
                
                    
                        orignal
                    
                    
                        oops
                    
                
                
                    
                        orignal
                    
                    
                        sec
                    
                
                
                    
                        zzz
                    
                    
                        anybody else with discussion topics?
                    
                
                
                    
                        orignal
                    
                    
                        my question what we do with ML-DSA,
                    
                
                
                    
                        orignal
                    
                    
                        more practical
                    
                
                
                    
                        orignal
                    
                    
                        if I release floodfill should it accept ML-DSA?
                    
                
                
                    
                        zzz
                    
                    
                        I think we continue to play with it, but that's it for now
                    
                
                
                    
                        zzz
                    
                    
                        according to the schedule in the proposal, we wouldn't do that until late 2026
                    
                
                
                    
                        zzz
                    
                    
                        we don't know what flavors
                    
                
                
                    
                        zzz
                    
                    
                        big decision is straight MLDSA or hybrid
                    
                
                
                    
                        zzz
                    
                    
                        nobody's going to have an answer for that this year
                    
                
                
                    
                        orignal
                    
                    
                        but question is if we accept such signature or not?
                    
                
                
                    
                        zzz
                    
                    
                        no, because we haven't agreed on anything yet. The specs may change
                    
                
                
                    
                        zzz
                    
                    
                        maybe we don't do non-hybrid at all
                    
                
                
                    
                        zzz
                    
                    
                        same thing with ratchet, we haven't finalized anything
                    
                
                
                    
                        zzz
                    
                    
                        if we want to do a beta in august, we need to finalize the specs in about 3 months
                    
                
                
                    
                        zzz
                    
                    
                        I'm not checking in anything until we agree on it
                    
                
                
                    
                        zzz
                    
                    
                        anything else on proposal 169?
                    
                
                
                    
                        zzz
                    
                    
                        orignal and I agreed we won't schedule another review yet, let's see how things go, maybe in a few weeks
                    
                
                
                    
                        zzz
                    
                    
                        anything else to talk about while we're all together?
                    
                
                
                    
                        eyedeekay
                    
                    
                        Nothing else from me
                    
                
                
                    
                        not_bob_afk
                    
                    
                        I'm just here for the free popcorn.
                    
                
                
                    
                        zzz
                    
                    
                        altonen, want to tell us anything about your progress?
                    
                
                
                    
                        orignal
                    
                    
                        I will let you know next week
                    
                
                
                    
                        altonen
                    
                    
                        nothing to report, i've skimmed the spec and verified that there is mlkem/mldsa crates available
                    
                
                
                    
                        altonen
                    
                    
                        maybe i can do it by november but august is too soon
                    
                
                
                    
                        zzz
                    
                    
                        congrats everybody, 6 reviews in two months, we got a lot done, even though we were out of practice
                    
                
                
                    
                        zzz
                    
                    
                        haha we don't expect you to keep up altonen 
                    
                
                
                    
                        dr|z3d
                    
                    
                        congrats to you and orignal, mostly. :)
                    
                
                
                    
                        zzz
                    
                    
                        also, my question was more general, not about PQ
                    
                
                
                    
                        altonen
                    
                    
                        ah, ssu2 congestion control mostly
                    
                
                
                    
                        zzz
                    
                    
                        eyedeekay, you promised working NTCP2 a couple days ago, I presume you got distracted by the gitlab stuff
                    
                
                
                    
                        zzz
                    
                    
                        any update eyedeekay ?
                    
                
                
                    
                        eyedeekay
                    
                    
                        I did get distracted by the gitlab stuff, I only meant I would be ready to check in the test against a local router (it might still be failing), which I suppose is a big step but still not quite there yet
                    
                
                
                    
                        zzz
                    
                    
                        anyway, I'll baf the meeting closed, thanks everybody, we'll schedule more stuff in the coming weeks
                    
                
                
                    
                        zzz
                    
                    
                        thanks to everyone for your support, we all have some more coding to do
                    
                
                
                    
                        eyedeekay
                    
                    
                        I'll be getting back to it after I iron out the last few gitea issues
                    
                
                
                    
                        zzz
                    
                    
                        good job altonen and eyedeekay for marching forward