Page MenuHome GnuPG
Create Task
Maniphest T6815

PQC encryption for GnuPG
Testing, NormalPublic
Actions

Description

This task is used to track the implementation of PQC encryption in GnuPG. We plan to first deploy encryption support so that this can be used with subkeys. Implementation is guided by draft-wussler-openpgp-pqc-03.txt but using v5 keys as required by LibrePGP.

Revisions and Commits

rG GnuPG
rG8896bbd0f99c gpg: Switch Kyber to the final algo id and add it to the menu.
rG2958e5e4cfff gpg: New option --require-pqc-encryption
rGdd650b2c7b7b gpg: Support Kyber with Brainpool512r1.
rG32ec480024b3 gpg: Support encryption with kyber_bp256 and kyber_bp384
rGf325d3277ec6 tests: Add two Kyber sample keys and messages.
rGe591fd25adc3 gpg: Support encryption with kyber_cv448.
rGba3c873934c9 gpg: Prepare Kyber encryption code for more variants.
rGc736052e9cca gpg: Implement Kyber encryption.
rGb48476bbefa7 gpg: Prepare to use the fingerprint as fixed-info for Kyber.
rG813f8d1b8e4b gpg: Changed internal data format for Kyber.
rG84ddb24e30c5 gpg: Make Kyber creation more flexible.
rG52c4b0908043 gpg: Some support to allow Kyber decryption.
rG1a37f0080b3e kbx: Support kyber in the blob parser.
rG53c6b1e85854 gpg: Support dual keygrips.
rG97f515949514 gpg: Initial support for generating Kyber subkeys.
rG6fab7b075adf gpg: Implement a parser for Kyber encrypted packets.
rC libgcrypt
AuditedrC005292cf9f41 cipher:kem:ecc: Support NIST curves.
rC4fb99ec266e5 cipher:kem:ecc: Support brainpoolP512r1.

Related Objects
Search...

Event Timeline

werner triaged this task as Normal priority.Nov 13 2023, 4:06 PM
werner created this task.
werner created this object with edit policy "Contributor (Project)".
werner added a commit: rG6fab7b075adf: gpg: Implement a parser for Kyber encrypted packets..Nov 13 2023, 4:28 PM
werner added a subtask: T7014: agent: Enhancement of PKDECRYPT for KEM interface.Feb 26 2024, 10:41 AM
werner added a commit: rG97f515949514: gpg: Initial support for generating Kyber subkeys..Apr 3 2024, 6:00 PM
werner added a commit: rG53c6b1e85854: gpg: Support dual keygrips..Apr 5 2024, 4:16 PM
werner added a commit: rG1a37f0080b3e: kbx: Support kyber in the blob parser..Apr 9 2024, 11:01 AM
werner added a commit: rG52c4b0908043: gpg: Some support to allow Kyber decryption..
werner added a commit: rG84ddb24e30c5: gpg: Make Kyber creation more flexible..Apr 11 2024, 8:18 AM
werner added a comment.EditedApr 11 2024, 4:00 PM

Wit the test keys posted in T7014 it is now possible to decrypt the sample data. The test data has been slightly adjusted for the new format; see

pubkeyenc.hex2 KBDownload
for a hex dump and
pubkeyenc.bin1 KBDownload
for the binary version.

However further changes to the data passed to the key combiner are required. The test data will then not anymore decrypt unless the new --compatibility-flag t7014-old is used.

werner added a commit: rG813f8d1b8e4b: gpg: Changed internal data format for Kyber..Apr 11 2024, 4:01 PM
werner added a commit: rGb48476bbefa7: gpg: Prepare to use the fingerprint as fixed-info for Kyber..Apr 12 2024, 11:34 AM
gniibe changed the status of subtask T7014: agent: Enhancement of PKDECRYPT for KEM interface from Open to Testing.Apr 15 2024, 3:19 AM
werner added a commit: rGc736052e9cca: gpg: Implement Kyber encryption..Apr 15 2024, 1:24 PM
werner added a comment.Apr 15 2024, 5:42 PM

Here comes a new test key along with its 3 secret parts (one for the primary and two for the composite Kyber subkey).

pub   ed25519 2024-04-15 [SC] [expires: 2027-04-15]
      006029D5CF15267DA9A5B1DB43CCDCAB9315C984
      Keygrip = 196712A4E8B3489A4C501E4DA4074BFEF883E7E2
uid           [ultimate] pqc-test-april-15
sig!3        43CCDCAB9315C984 2024-04-15  [self-signature]
sub   ky768_cv25519 2024-04-15 [E]
      1364089C503A5D47F8ACC8D4C4C261132A96E9B653214A079481BC303B454E98
      Keygrip = 584B7F12D850328AC0F919F98F58978F4FB15DBC,593278A574AF31F52E5D86F1536B6A2A9963D6C1
sig!         43CCDCAB9315C984 2024-04-15  [self-signature]

first-kyber.pub1 KBDownload

196712A4E8B3489A4C501E4DA4074BFEF883E7E2.key227 BDownload

584B7F12D850328AC0F919F98F58978F4FB15DBC.key234 BDownload

593278A574AF31F52E5D86F1536B6A2A9963D6C1.key7 KBDownload

And here comes a sample encrypted message:

tasty-cookie.gpg1 KBDownload

werner added a commit: rGba3c873934c9: gpg: Prepare Kyber encryption code for more variants..Apr 18 2024, 2:39 PM
werner added a commit: rGe591fd25adc3: gpg: Support encryption with kyber_cv448..Apr 23 2024, 11:31 AM
werner added a commit: rGf325d3277ec6: tests: Add two Kyber sample keys and messages..Apr 23 2024, 2:05 PM
werner added a commit: rG32ec480024b3: gpg: Support encryption with kyber_bp256 and kyber_bp384.Apr 23 2024, 4:35 PM
werner added a commit: rGdd650b2c7b7b: gpg: Support Kyber with Brainpool512r1..Apr 23 2024, 5:40 PM
werner added a commit: rC4fb99ec266e5: cipher:kem:ecc: Support brainpoolP512r1..Apr 23 2024, 5:43 PM
werner added a comment.Apr 23 2024, 5:47 PM

Alright: We have support for all our combined algos ky{768,1024}_bp{256,384,512}and ky{768,1024}_cv{25519,448} as well as test keys and encrypted test messages.

gniibe added a commit: rC005292cf9f41: cipher:kem:ecc: Support NIST curves..Apr 24 2024, 4:19 AM
werner added a commit: rG2958e5e4cfff: gpg: New option --require-pqc-encryption.Apr 24 2024, 9:57 AM
werner added a comment.Apr 24 2024, 10:01 AM

Most things are done. Missing stuff

  • At some time we need status lines for non-compliance
  • Smartcard support for the ECC part.
  • Add a link into the .key files to show which of them belong together. This is for the case that we lost the public key.
  • Cleanup the language. For example replace dual or hybrid algo by composite algo.
werner added a project: gnupg26.Apr 24 2024, 10:02 AM
werner moved this task from Backlog to QA on the gnupg26 board.Apr 24 2024, 10:04 AM
werner mentioned this in T7189: Release GnuPG 2.5.0.Jul 5 2024, 2:42 PM
werner added a commit: rG8896bbd0f99c: gpg: Switch Kyber to the final algo id and add it to the menu..Aug 27 2024, 11:08 AM
werner mentioned this in T7191: Release GnuPG 2.5.1.Sep 12 2024, 12:22 PM
werner changed the task status from Open to Testing.Sep 12 2024, 2:32 PM

See new subtask T7290 for smartcards and the link entries mentioned above.