Releases · lamps-wg/draft-composite-sigs

21 Oct 20:40

Latest

Interop-affecting changes:

Compacted CompositeSignaturePrivateKey to SEQUENCE SIZE (2) OF OCTET STRING instead of OneAsymmetricKey to remove redundancy
Added support for the ML-DSA context String, and use the Composite Domain as the context for the underlying ML-DSA component algorithm.
Added Pre-Hash and Pure modes and changed the Message format to align with FIPS-204. This breaks backwards compatibility with all previous versions.
Updated the OID table for new Pre-Hash OIDs and added them to the IANA section.
Updated Use in CMS section to reflect content is hashed and pure Composite ML-DSA should be used.

Editorial changes:

Added the ASN.1 encodings for the component public keys and signature algorithm identifiers
ASN.1 Module changes:
- Renamed the module from Composite-Signatures-2023 -> Composite-MLDSA-2024
- Simplified the ASN.1 module to make it more compiler-friendly (thanks Carl!) -- should not affect wire encodings.
Updated Security Considerations about Non-separability, EUF-CMA and key reuse.

Assets 2

08 Jul 20:02

Added a "Use in CMS" section
Removed a Falon reference from the ASN.1 document (which was a typo in reference to Falcon)
Added SMIME-CAPS into the sa-CompositeSignature definition in the ASN.1 module
Fixed nits and other typos
Added PSS parameter Salt Lengths
Changed the OID concatenation section to Domain Separators for clarity
Accepted some edits by José Ignacio Escribano
Expanded description for KeyGen algorithm
Clarified the Subject Public Key Usage
Various editorial changes