This task is used to track the implementation of PQC encryption in GnuPG. We plan to first deploy encryption support so that this can be used with subkeys. Implementation is guided by draft-wussler-openpgp-pqc-03.txt but using v5 keys as required by LibrePGP.
Description
Description
Revisions and Commits
Revisions and Commits
Status | Assigned | Task | ||
---|---|---|---|---|
Open | None | T6636 PQC Implementation | ||
Open | None | T6638 PQC for GnuPG | ||
Testing | None | T6815 PQC encryption for GnuPG | ||
Testing | None | T7014 agent: Enhancement of PKDECRYPT for KEM interface | ||
Open | • gniibe | T7097 Support a key on smartcard for PQC | ||
Open | None | T7290 Kyber+ECC with smartcards | ||
Open | None | T7315 Allow exporting of PQC keys. | ||
Resolved | • gniibe | T7316 Curve25519/v5 key cannot be exported |
Event Timeline
Comment Actions
Wit the test keys posted in T7014 it is now possible to decrypt the sample data. The test data has been slightly adjusted for the new format; see
for a hex dump and for the binary version.However further changes to the data passed to the key combiner are required. The test data will then not anymore decrypt unless the new --compatibility-flag t7014-old is used.
Comment Actions
Here comes a new test key along with its 3 secret parts (one for the primary and two for the composite Kyber subkey).
pub ed25519 2024-04-15 [SC] [expires: 2027-04-15] 006029D5CF15267DA9A5B1DB43CCDCAB9315C984 Keygrip = 196712A4E8B3489A4C501E4DA4074BFEF883E7E2 uid [ultimate] pqc-test-april-15 sig!3 43CCDCAB9315C984 2024-04-15 [self-signature] sub ky768_cv25519 2024-04-15 [E] 1364089C503A5D47F8ACC8D4C4C261132A96E9B653214A079481BC303B454E98 Keygrip = 584B7F12D850328AC0F919F98F58978F4FB15DBC,593278A574AF31F52E5D86F1536B6A2A9963D6C1 sig! 43CCDCAB9315C984 2024-04-15 [self-signature]
And here comes a sample encrypted message:
Comment Actions
Alright: We have support for all our combined algos ky{768,1024}_bp{256,384,512}and ky{768,1024}_cv{25519,448} as well as test keys and encrypted test messages.
Comment Actions
Most things are done. Missing stuff
- At some time we need status lines for non-compliance
- Smartcard support for the ECC part.
- Add a link into the .key files to show which of them belong together. This is for the case that we lost the public key.
- Cleanup the language. For example replace dual or hybrid algo by composite algo.