| Thread Links | Date Links | ||||
|---|---|---|---|---|---|
| Thread Prev | Thread Next | Thread Index | Date Prev | Date Next | Date Index |
|
Hi Nehru, On 10/14/25, 3:04 PM, "Nehru Bhandaru" <nehru.bhandaru@xxxxxxxxxxxx> wrote:
Thanks Dan for the quick response. And again, thank you for engaging on the reflector!
Other exchanges seem fine with their use of ML-KEM level determining the SHA2 hash function to use, except the transcript. This clarifies what is used for PTK. We have not looked at 11bi support for encrypting
the association frames, but expect that is already specified by 11bi and your PQC document if the keys are available prior to association. That is the intent. 11bt is going to follow 11bi and whatever 11bi does wrt encrypted association, 11bt will comply to the extend necessary.
Another minor quirk is the random padding of various sizes (16, 24, 32) when encoding the Kyber public key using Kemeleon. The total length is a bit shorter and different from the Kyber public key size (797
instead of 800, say). It might be okay to extend the random padding to make the encoded size the same as normal Kyber public key size. But only if there is some advantage. I'm not sure what that the advantage would be. An adversary is going to know that the blob of bits in the exchange is an encrypted kemeleon output regardless of the size. The point of kemeleon is not to make its output be the size of a
kyber public key, it's to hide the structure of the kyber public key and make it look indistinguishable from a random bit stream. Provided that goal is met (and I believe it is) then the size of the output doesn't matter. regards, Dan. -- "the object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." – Marcus Aurelius
-N On Tue, Oct 14, 2025 at 8:35 AM Harkins, Dan <daniel.harkins@xxxxxxx> wrote:
To unsubscribe from the STDS-802-11-TGBT list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBT&A=1 |