Post-quantum additions to PRIds, public keys, and encrypted User Data #307
wesbiggs wants to merge 3 commits into
Problem
Current DSNP cryptography relies on elliptic-curve algorithms (X25519, Ed25519) that are broken by Shor's algorithm on a cryptographically-relevant quantum computer. NIST completed standardization of post-quantum algorithms in 2024 (FIPS 203 ML-KEM, FIPS 204 ML-DSA). This proposal enables implementations to begin publishing PQ keys and using PQ-protected data types while preserving full interoperability with classical-only implementations during a transition period.
Solution
This proposal adds optional post-quantum cryptography (PQC) support to DSNP, addressing the long-term vulnerability of the current X25519/Ed25519/XSalsa20-Poly1305 constructions to quantum attacks. It introduces:
- mlkem768-pub) keys for key agreement, alongside the existing X25519 keys
- mldsa65-pub) keys for digital signatures, alongside the existing Ed25519 keys
- privateFollowsPQ and privateConnectionsPQ User Data types encrypted with the X-Wing hybrid KEM (X25519 + ML-KEM-768) and ChaCha20-Poly1305

All changes are backward-compatible; existing classical types and implementations are unaffected.
Change summary:
- keyAgreementPublicKeys and assertionMethodPublicKeys