Quantum-Safe Security

In the 1/23/2023 meeting, we agreed to hold weekly working meetings of this subgroup. If you do not have the meeting invite, please contact me or Hillary.

John

In the 1/23/2023 meeting, we agreed to hold weekly working meetings of this subgroup. If you do not have the meeting invite, please contact me or Hillary.

John

We had great turn out in the sub-group's working meeting. Two issues popped up without conclusion and need the ideas from the broader community. I file 2 support requests from the CSA as well:

1. Selecting security key exchange technologies is an important control for encryption in transit. But there seems to be no existing CCM control explicitly covering this. Should we invent a new control? Or is there an existing control implying this?
2. Control ID CEK-04 is about encryption algorithm. But its Implementation Guidelines in all versions of CCM we've checked are about key management. Are we wrong with this discovery?

In the 1/23/2023 meeting, we agreed to hold weekly working meetings of this subgroup. If you do not have the meeting invite, please contact me or Hillary.

John

Got both issues resolved with CSA support

1. Key exchanges are covered by two controls

• CEK-3 at the protocol (and version) level and
• CEK-4 at the encryption algorithm level.

2. The updated Implementation Guidelines of CEK-04 in the draft does not have the error.

We had great turn out in the sub-group's working meeting. Two issues popped up without conclusion and need the ideas from the broader community. I file 2 support requests from the CSA as well:

1. Selecting security key exchange technologies is an important control for encryption in transit. But there seems to be no existing CCM control explicitly covering this. Should we invent a new control? Or is there an existing control implying this?
2. Control ID CEK-04 is about encryption algorithm. But its Implementation Guidelines in all versions of CCM we've checked are about key management. Are we wrong with this discovery?

In the 1/23/2023 meeting, we agreed to hold weekly working meetings of this subgroup. If you do not have the meeting invite, please contact me or Hillary.

John

Went through the PQS CCM spreadsheet one more time. Hopefully, we can decide on the list of relevant controls for the first time this Friday. Hope we can move on to supply other fields e.g. guidelines. In 2-3 weeks, hope we can invite members of the WG to comment.

Got both issues resolved with CSA support

1. Key exchanges are covered by two controls

• CEK-3 at the protocol (and version) level and
• CEK-4 at the encryption algorithm level.

2. The updated Implementation Guidelines of CEK-04 in the draft does not have the error.

We had great turn out in the sub-group's working meeting. Two issues popped up without conclusion and need the ideas from the broader community. I file 2 support requests from the CSA as well:

1. Selecting security key exchange technologies is an important control for encryption in transit. But there seems to be no existing CCM control explicitly covering this. Should we invent a new control? Or is there an existing control implying this?
2. Control ID CEK-04 is about encryption algorithm. But its Implementation Guidelines in all versions of CCM we've checked are about key management. Are we wrong with this discovery?

In the 1/23/2023 meeting, we agreed to hold weekly working meetings of this subgroup. If you do not have the meeting invite, please contact me or Hillary.

John