
Re: [STDS-802-11-TGBT] ML-KEM mythbusting



Thanks Dan. Interesting article.

Looks like it is not a debate just in IEEE 802.11/bt. IETF and other folks in the industry are still debating, and according to the article:


“It is true that 0x11EC is not marked as Recommended, mostly because it started out as an experimental combination that then somehow ended up as the thing everybody was doing, and while lots of digital ink was spilled on whether or not it should be recommended, nobody updated the flag before publishing the RFC. (technically the RFC is not published yet, but the rest is pretty much formality, and the flag is unlikely to change) So yes, technically the IETF did not recommend a hybrid algorithm”


In the IETF ID, it is not recommended (https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-03.txtz), but X25519 + ML KEM 768 (0x11EC) is still provided, and it is marked as recommended in Cloudflare (https://developers.cloudflare.com/ssl/post-quantum-cryptography/).


Not being a cryptographer, logically speaking, if x is the security level provided by pure ML KEM and y is the security level provided by the classical DH, can we say x + y >= y, assuming that classical does not reduce the security of the pure ML KEM… there is nothing to lose with hybrid? Granted, according to the article, NSA uses only pure ML KEM 1024…


- Nehru

On Wed, Mar 25, 2026 at 4:37 PM Harkins, Dan <00003862fd143b8a-dmarc-request@xxxxxxxxxxxxxxxxx> wrote:

 

  Just ran across an interesting blog post by Sophie Schmieg, a cryptographer at Google. It discusses pure ML-KEM vs hybrid and dispels some of the myths that appeared in TGbt when we started discussing things beyond the simple “allowed” security profile—namely, “It will cause a downgrade attack!” and “it’s not secure enough”. Also, there is a hilarious gif which is the appropriate response to demands for “mandatory to implement” algorithms that you don’t want to support.

 

  Enjoy: https://keymaterial.net/2025/11/27/ml-kem-mythbusting/

 

  Regards,

 

  Dan.

 

--

“the object of life is not to be on the side of the majority, but to

escape finding oneself in the ranks of the insane.” – Marcus Aurelius

 


To unsubscribe from the STDS-802-11-TGBT list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBT&A=1


