---
layout: default
title: 2024-06-06 TSC Meeting Record
parent: Meeting Minutes
grand_parent: PQCP TSC
nav_exclude: true
---
- Welcome
- Updates from related communities
- Discussion - What does 'assured' mean?
- Discussion - Common API
- Review status of sub projects
- Review open TSC issues:
  - any notable progress
  - topics for next meeting
- Any other business

Apologies noted from Douglas, Matthias and Franziskus.
JP Lomas introduced himself as a developer with QRL Foundation. Jonas Schneider-Bensch introduced himself as a developer from Cryspen, and providing cover for Franziskus who can't make it today.
No formal votes.
Outstanding issues: the API discussion action will be closed, as that discussion has now started. Minutes were approved via GitHub.
We agreed that not enough of the voting members were present, so we will continue on the existing schedule for now (every two weeks, same time).
Ongoing discussions at PQCA
- Security workgroup
- CBOM workgroup
OQS
- new release coming out
- some vulnerabilities reported, i.e. a compiler optimization bug. Yarkin mentioned there was also an outstanding discussion in OQS about Rowhammer attacks on ML-KEM, and whether such attacks feature in the threat model. Ry mentioned that if anyone wanted to see the draft advisories, they should contact him for access.
- See pq-code-package/documentation#8 for initial draft of docs
- Hanno: need more refinement about the formal proof. Add more links, e.g. to the aarch64 repo. Long term, strive for functional correctness of the assembly: for example assembly-level guarantees, constant time, and trusted computing base assumptions.
- Tiago will look into the discussion and see how he can contribute from the Jasmin side, along with Manuel.
- Tiago/Hanno: general agreement with the proposal. Function names should be namespaced (same signature), as multiple parts of the code package could be used together.
- Should the _derand functions be exposed to the user? Deirdre said that NIST explicitly stated derand should not be part of the full public API.
- Need to find out what level of hiding is sufficient for FIPS.
- Discovery APIs are not usual in crypto libraries at runtime; at runtime it is mostly just protocol negotiation.
- aarch64 is progressing (Hanno):
  - CI has been developed: two Arm runners, one macOS and one Linux.
  - Working with Rod on integrating CBMC (macOS). Some code changes; evaluating CBMC findings; annotating the code while trying not to diverge too much.
  - Ry pointed out that to get CBMC for the Arm runners we would need to build and cache it (the PQCP team would need to do the build; Ry can help with caching), but it was agreed we don't need this currently.
- libjade (Tiago)
  - Formally verifying Kyber episode 5: security and correctness proof down to assembly, updated for ML-KEM. The artifact contains a Docker image/file to make replication of the proofs easier, as the dependencies can be tricky to get together.
  - Norm asked if this approach could be extended to other implementations.
  - Nigel suggested that, when complete, presenting this at a future meeting would be useful.
- libcrux (Jonas)
  - Hope to have a version in the repo by end of month.
No other topics.

Topics for next meeting:
- Continue discussion on common API & Assurance
- Open TSC issue on other suggestions
- Tiago will not be able to attend next meeting
No new action items.

Existing action items:
- Nigel to open issue to agree long-term meeting schedule
- Tiago, Matthias to present API design/approach for embedded/aarch64 (see Issue 4)
- Nigel to contact John Schanck about API needs
- Recordings are available on your Open Profile page under Past Meetings
The next meeting will be scheduled in two weeks' time: 1300 UTC on 2024-06-20.

- Manuel Barbosa, University of Porto
- Hanno Becker, AWS
- Nigel Jones, IBM
- Matthias J. Kannwischer, Chelpis Quantum Tech
- Franziskus Kiefer, Cryspen
- Tiago Oliveira, SandboxAQ
- John Schanck, Mozilla
- Douglas Stebila, University of Waterloo
- Ry Jones, Linux Foundation
- Jonas Schneider-Bensch, Cryspen
- Yarkin Doroz, NVIDIA
- Norm Ashley, Cisco Systems
- Deirdre Connolly, SandboxAQ