Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="o8T19kGZzVbKuRlq" --o8T19kGZzVbKuRlq Content-Type: text/plain; charset="UTF-8" Content-Disposition: inline One of NIST's July announcements was "As part of the drafting process, NIST will seek input on specific parameter sets to include, particularly for security category 1." Procedurally, how is this supposed to work? The round-3 Kyber-512 security analysis is two years old and obviously doesn't account for newer attack papers such as the Guo--Johansson paper, the MATZOV paper, and the paper https://cr.yp.to/papers.html#lprrr that I've just posted. Is NIST still seriously considering Kyber-512? Does NIST have a schedule for the Kyber team to issue revised security claims for comment by the community? Or does "NIST will seek input" mean that NIST is already asking the community to comment? There are reports that NIST is considering another round of tweaks to Kyber, not just throwing away Kyber-512. Are these reports correct? If so, when will tweaks be made available for public security evaluation? As a separate matter, does "particularly for security category 1" mean that NIST doesn't want input from the community regarding category-5 parameters? Previously, NIST wrote that it "strongly encourages" submissions to include category-5 parameters, and wrote the following: A controversial assessment of category 5 runs the risk that the submission will not meet the needs of any users who actually want category 5. https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF now says "Use Level V parameters for all classification levels", which fits the idea that some users "actually want category 5", but then what's supposed to happen if Kyber-1024 doesn't meet category 5? ---D. J. Bernstein -- You received this message because you are subscribed to the Google Groups "pqc-forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to pqc-forum+unsubscribe@list.nist.gov. To view this discussion on the web visit https://groups.google.com/a/list.nist.gov/d/msgid/pqc-forum/20221115152834.204619.qmail%40cr.yp.to. --o8T19kGZzVbKuRlq Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE3QolqQXydru4e4ITsMANTjsOVFkFAmNzsCIACgkQsMANTjsO VFlWSxAAyyLLv/dm4gIGgeXaPEonJaUINNAwSi5yfzW5PgUSX1ddXJgMOPUMMchB FBXY4ZLoFpEUgICjoSLlVn9M6AURNf4fzE5wYCr69mnG/oMbVs5N9Kxb6JAacj3e viaSerrD8dle61ANeBUXCCTbbD3PSYoF/A4KPDKpSlgnlKQ4Jos+53NX+XN3VTI1 5Lzu3n+8FXGbt00PhyHclUDXQ1rx5POSnqOU35pwDvB2/x3E3LBxoFBhE5DWtFdz v0OoYnCSGe6vjBcabonxDKUBtlph8ns70XB2r5MolQepfMQj7qhnlorsG3lgCnHN CXSQyGpiBeVGf85lo03OteR3jxtZ5bikyCFlgKxj638GRmpHDetlipXqEM4ZvMSN AIIqxyN1HbLA14mbxN7BgmEvjJdPOUgIvkA6Oa1hTmB14RvqxwbwT0+Qeca+JNXi emp6pPgs+HQsPpj8CAaweBH1LSu31R8iMd5keSnnuMzRN40N/ecKJQheKyTsgDkd H2fKwfIxf6b+Cvi4V4QCVGVSmDf5xxAF6AQqbM9n2DQrowxM6kUBjiJIzyHEicAV uyiehmTgjPh/AVwX/EGo/2BiqnxYDvS9Vajg/mbJjwM5qcXatnq0OKXSLNcuev7H EUJtxT8SORE+HBjWjpGbLdSxf/B4DR/KyN56ydAY1/E4nbl0krU= =0hn0 -----END PGP SIGNATURE----- --o8T19kGZzVbKuRlq--