I2P_Developers/i2p.www
3
0
Fork 5
Code Issues 27 Pull Requests Actions 2 Packages Projects Releases Wiki Activity

prop. 169 updates

Browse Source
This commit is contained in:
zzz
2025-04-23 12:42:45 -04:00
parent 5a7090310b
commit 27c7158784
1 changed files with 49 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
i2p2www/spec/proposals/169-pq-crypto.rst
View File

@ -5,7 +5,7 @@ Post-Quantum Crypto Protocols
:author: zzz, orignal, drzed, eyedeekay :author: zzz, orignal, drzed, eyedeekay
:created: 2025-01-21 :created: 2025-01-21
:thread: http://zzz.i2p/topics/3294 :thread: http://zzz.i2p/topics/3294
:lastupdated: 2025-04-17 :lastupdated: 2025-04-23
:status: Open :status: Open
:target: 0.9.80 :target: 0.9.80
@ -72,6 +72,31 @@ Threat Model
or other structures or other structures
Affected Protocols
==================
We will modify the following protocols, roughly in order
of development. The overall rollout will probably be from late 2025 through mid-2027.
See the Priorities and Rollout section below for details.
================================== ======
Protocol / Feature Status
================================== ======
Hybrid EncTypes 5-7 Preliminary, final hash choices pending
Hybrid Dests, Ratchet Tested on live net, no net upgrade required
Select preferred combo Probably 6,4
Combo Hybrid/X25519 Dests, Ratchet
Combo Hybrid/X25519 NTCP2
Combo Hybrid/X25519 SSU2
Hybrid Routers, Dests, Ratchet
MLDSA SigTypes 12-14 Probably final
MLDSA Dests Tested on live net, requires net upgrade for floodfill support
Hybrid SigTypes 15-17 Preliminary
Hybrid Dests
================================== ======
Design Design
====== ======
@ -85,17 +110,17 @@ CRYSTALS-Kyber and CRYSTALS-Dilithium (versions 3.1, 3, and older).
Key Exchange Key Exchange
------------- -------------
We will support key exchange in the following protocols: We will support hybrid key exchange in the following protocols:
======= ========== ============== =============== ======= ========== ================ ===============
Proto Noise Type Support PQ? Support Hybrid? Proto Noise Type Support PQ only? Support Hybrid?
======= ========== ============== =============== ======= ========== ================ ===============
NTCP2 XK no yes NTCP2 XK no yes
SSU2 XK no yes SSU2 XK no yes
Ratchet IK no yes Ratchet IK no yes
TBM N no no TBM N no no
NetDB N no no NetDB N no no
======= ========== ============== =============== ======= ========== ================ ===============
PQ KEM provides ephemeral keys only, and does not directly support PQ KEM provides ephemeral keys only, and does not directly support
static-key handshakes such as Noise XK and IK. static-key handshakes such as Noise XK and IK.
@ -131,19 +156,19 @@ Signatures
We will support PQ and hybrid signatures in the following structures: We will support PQ and hybrid signatures in the following structures:
========================== ============== =============== ========================== ================ ===============
Type Support PQ? Support Hybrid? Type Support PQ only? Support Hybrid?
========================== ============== =============== ========================== ================ ===============
RouterInfo yes yes RouterInfo yes yes
LeaseSet yes yes LeaseSet yes yes
Streaming SYN/SYNACK/Close yes yes Streaming SYN/SYNACK/Close yes yes
Repliable Datagrams yes yes Repliable Datagrams yes yes
Datagram2 (prop. 163) yes yes Datagram2 (prop. 163) yes yes
I2CP create session msg yes yes I2CP create session msg yes yes
SU3 files yes yes SU3 files yes yes
X.509 certificates yes yes X.509 certificates yes yes
Java keystores yes yes Java keystores yes yes
========================== ============== =============== ========================== ================ ===============
So we will support both PQ-only and hybrid signatures. So we will support both PQ-only and hybrid signatures.