Description

This task is used to track the implementation of PQC encryption in GnuPG. We plan to first deploy encryption support so that this can be used with subkeys. Implementation is guided by draft-wussler-openpgp-pqc-03.txt but using v5 keys as required by LibrePGP.

Revisions and Commits

rG GnuPG
		rG2958e5e4cfff gpg: New option --require-pqc-encryption
		rGdd650b2c7b7b gpg: Support Kyber with Brainpool512r1.
		rG32ec480024b3 gpg: Support encryption with kyber_bp256 and kyber_bp384
		rGf325d3277ec6 tests: Add two Kyber sample keys and messages.
		rGe591fd25adc3 gpg: Support encryption with kyber_cv448.
		rGba3c873934c9 gpg: Prepare Kyber encryption code for more variants.
		rGc736052e9cca gpg: Implement Kyber encryption.
		rGb48476bbefa7 gpg: Prepare to use the fingerprint as fixed-info for Kyber.
		rG813f8d1b8e4b gpg: Changed internal data format for Kyber.
		rG84ddb24e30c5 gpg: Make Kyber creation more flexible.
		rG52c4b0908043 gpg: Some support to allow Kyber decryption.
		rG1a37f0080b3e kbx: Support kyber in the blob parser.
		rG53c6b1e85854 gpg: Support dual keygrips.
		rG97f515949514 gpg: Initial support for generating Kyber subkeys.
		rG6fab7b075adf gpg: Implement a parser for Kyber encrypted packets.
rC libgcrypt
	Audited	rC005292cf9f41 cipher:kem:ecc: Support NIST curves.
		rC4fb99ec266e5 cipher:kem:ecc: Support brainpoolP512r1.

Related Objects
Search...

Status	Assigned	Task
Open	None	T6636 PQC Implementation
Open	None	T6638 PQC for GnuPG
Open	None	T6815 PQC encryption for GnuPG
Testing	None	T7014 agent: Enhancement of PKDECRYPT for KEM interface
Open	• gniibe	T7097 Support a key on smartcard for PQC

Event Timeline

• werner triaged this task as Normal priority.Nov 13 2023, 4:06 PM

• werner created this task.

• werner created this object with edit policy "Contributor (Project)".

• werner added a commit: rG6fab7b075adf: gpg: Implement a parser for Kyber encrypted packets..Nov 13 2023, 4:28 PM

• werner added a subtask: T7014: agent: Enhancement of PKDECRYPT for KEM interface.Feb 26 2024, 10:41 AM

• werner added a commit: rG97f515949514: gpg: Initial support for generating Kyber subkeys..Wed, Apr 3, 6:00 PM

• werner added a commit: rG53c6b1e85854: gpg: Support dual keygrips..Fri, Apr 5, 4:16 PM

• werner added a commit: rG1a37f0080b3e: kbx: Support kyber in the blob parser..Tue, Apr 9, 11:01 AM

• werner added a commit: rG52c4b0908043: gpg: Some support to allow Kyber decryption..

• werner added a commit: rG84ddb24e30c5: gpg: Make Kyber creation more flexible..Thu, Apr 11, 8:18 AM

Wit the test keys posted in T7014 it is now possible to decrypt the sample data. The test data has been slightly adjusted for the new format; see

pubkeyenc.hex2 KBDownload

for a hex dump and

pubkeyenc.bin1 KBDownload

for the binary version.

However further changes to the data passed to the key combiner are required. The test data will then not anymore decrypt unless the new --compatibility-flag t7014-old is used.

• werner added a commit: rG813f8d1b8e4b: gpg: Changed internal data format for Kyber..Thu, Apr 11, 4:01 PM

• werner added a commit: rGb48476bbefa7: gpg: Prepare to use the fingerprint as fixed-info for Kyber..Fri, Apr 12, 11:34 AM

• gniibe changed the status of subtask T7014: agent: Enhancement of PKDECRYPT for KEM interface from Open to Testing.Mon, Apr 15, 3:19 AM

• werner added a commit: rGc736052e9cca: gpg: Implement Kyber encryption..Mon, Apr 15, 1:24 PM

Here comes a new test key along with its 3 secret parts (one for the primary and two for the composite Kyber subkey).

pub   ed25519 2024-04-15 [SC] [expires: 2027-04-15]
      006029D5CF15267DA9A5B1DB43CCDCAB9315C984
      Keygrip = 196712A4E8B3489A4C501E4DA4074BFEF883E7E2
uid           [ultimate] pqc-test-april-15
sig!3        43CCDCAB9315C984 2024-04-15  [self-signature]
sub   ky768_cv25519 2024-04-15 [E]
      1364089C503A5D47F8ACC8D4C4C261132A96E9B653214A079481BC303B454E98
      Keygrip = 584B7F12D850328AC0F919F98F58978F4FB15DBC,593278A574AF31F52E5D86F1536B6A2A9963D6C1
sig!         43CCDCAB9315C984 2024-04-15  [self-signature]

first-kyber.pub1 KBDownload

196712A4E8B3489A4C501E4DA4074BFEF883E7E2.key227 BDownload

584B7F12D850328AC0F919F98F58978F4FB15DBC.key234 BDownload

593278A574AF31F52E5D86F1536B6A2A9963D6C1.key7 KBDownload

And here comes a sample encrypted message:

tasty-cookie.gpg1 KBDownload

• werner added a commit: rGba3c873934c9: gpg: Prepare Kyber encryption code for more variants..Thu, Apr 18, 2:39 PM

• werner added a commit: rGe591fd25adc3: gpg: Support encryption with kyber_cv448..Tue, Apr 23, 11:31 AM

• werner added a commit: rGf325d3277ec6: tests: Add two Kyber sample keys and messages..Tue, Apr 23, 2:05 PM

• werner added a commit: rG32ec480024b3: gpg: Support encryption with kyber_bp256 and kyber_bp384.Tue, Apr 23, 4:35 PM

• werner added a commit: rGdd650b2c7b7b: gpg: Support Kyber with Brainpool512r1..Tue, Apr 23, 5:40 PM

• werner added a commit: rC4fb99ec266e5: cipher:kem:ecc: Support brainpoolP512r1..Tue, Apr 23, 5:43 PM

Alright: We have support for all our combined algos ky{768,1024}_bp{256,384,512}and ky{768,1024}_cv{25519,448} as well as test keys and encrypted test messages.

• gniibe added a commit: rC005292cf9f41: cipher:kem:ecc: Support NIST curves..Wed, Apr 24, 4:19 AM

• werner added a commit: rG2958e5e4cfff: gpg: New option --require-pqc-encryption.Wed, Apr 24, 9:57 AM

Most things are done. Missing stuff

At some time we need status lines for non-compliance
Smartcard support for the ECC part.
Add a link into the .key files to show which of them belong together. This is for the case that we lost the public key.
Cleanup the language. For example replace dual or hybrid algo by composite algo.

• werner added a project: gnupg26.Wed, Apr 24, 10:02 AM

• werner moved this task from Backlog to QA on the gnupg26 board.Wed, Apr 24, 10:04 AM

PQC encryption for GnuPGOpen, NormalPublicActions

Description

Revisions and Commits

Related ObjectsSearch...

Event Timeline

PQC encryption for GnuPG
Open, NormalPublic
Actions

Related Objects
Search...