XMSS/LMS survey results.

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

XMSS/LMS survey results.

David Hook-5


Hi All,

Thanks to those who responded to our survey on XMSS/LMS

We sent emails to both our dev list and announce list (around 600 people/organisations). We got 6 replies.

The survey questions and answers are below:

1. Do you currently use the BC version of XMSS/XMSS^MT? Yes/No

Yes (2) No (4)

2. If the answer to 1 is no: do you expect to use XMSS/XMSS^MT in an
application in the next 12 months? Yes/No

Yes (1)

3. If the answer to 1 or 2 is yes : what kind of application is
XMSS/XMSS^MT used for? (a) financial sector (b) law/legal (c) government
(d) education/teaching (e) other

(a) 0 (b) 1 (c) 0 (d) 1 (e) 1

4. Would you like to see Bouncy Castle add an implementation of LMS as
well? Yes/No

Yes (2)

The No responses indicated "No opinion" in 2 cases, rather than simply No.
In the case of the other 2 that said No, they indicated they were waiting to see how the NIST PQC process played out before making any long term decisions as to what they wanted to use.

Our intention, for now, is to keep track of LMS and see how things pan out with it.

Regards,

David

Hi All,

As some of you are probably aware, the US body NIST are currently
seeking proposals on post-quantum cryptography algorithms.

NIST have just expressed an interest in stateful signature algorithms,
and have asked for feedback about the two algorithms currently been
standardized by the IETF. XMSS/XMSS^MT which has just recently been
published as RFC 8391, and LMS which is still going through the IETF
process.

We have had an implementation of XMSS for a while now so have offered to
do a quick survey, both to give NIST an idea of what people would like
to see, and also for our own purposes as we are now looking at LMS. If
you are either using XMSS/XMSS^MT or planning to make use of
XMSS/XMSS^MT please answer the questions below.

Here are the questions:

1. Do you currently use the BC version of XMSS/XMSS^MT? Yes/No

2. If the answer to 1 is no: do you expect to use XMSS/XMSS^MT in an
application in the next 12 months? Yes/No

3. If the answer to 1 or 2 is yes : what kind of application is
XMSS/XMSS^MT used for? (a) financial sector (b) law/legal (c) government
(d) education/teaching (e) other

4. Would you like to see Bouncy Castle add an implementation of LMS as
well? Yes/No

Please respond to [hidden email] by 21st July.

Assuming we get responses, we will make aggregate survey results, based
on the questions above, available on both these lists the week after as
well as passing the aggregate results on to NIST.

Individual responses will be deleted once the aggregate results have
been put together.

Any questions about the above, please feel free to contact us.

Thanks,

David

Reply | Threaded
Open this post in threaded view
|

Fips Java module BC-FJA 1.0.2 News.

David Hook-5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


We've started working towards the next FIPS Java update in order to have
it ready soon after Java 11 stabilizes.

I'm pleased to announce that Micro Focus (https://www.microfocus.com)
have stepped up as one of the sponsors to make the release possible.

For details on what is going into the release see
https://www.bouncycastle.org/fips_java_roadmap.html

More to follow.

Regards,

David

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iF4EAREIAAYFAltf+LwACgkQbqHzoYMuRw4SVAD+KAM0JBWA1pW1Gy/iuR8RDppv
kPBhoEO5JTMf93C9K+IA/2nG43ibTT0amO1mFijTUemfAsJ3L5uKZ8CF0NYUAC1X
=W65P
-----END PGP SIGNATURE-----


Reply | Threaded
Open this post in threaded view
|

More Good News on Fips Java module BC-FJA 1.0.2

David Hook-5
In reply to this post by David Hook-5


Work on the new Bouncy Castle Java FIPS release, BC-FJA 1.0.2, is
continuing and we are now grateful to acknowledge that VMware
(https://www.vmware.com) have stepped up as one of the sponsors to make
the release possible.

For further details on what is going into the release and its status
please see:

https://www.bouncycastle.org/fips_java_roadmap.html

More to follow.

Regards,

David


Reply | Threaded
Open this post in threaded view
|

Update on FIPS Java module BC-FJA 1.0.2

David Hook-5
In reply to this post by David Hook-5


Work on the new Bouncy Castle Java FIPS release, BC-FJA 1.0.2, is
continuing and we are now grateful to acknowledge that Tripwire
(https://www.tripwire.com) have stepped up again as one of the sponsors
to make the release possible.

For further details on what is in the release and its status
please see:

https://www.bouncycastle.org/fips_java_roadmap.html

The release is now available via our early access program and we expect
to be commencing testing soon.

Regards,

David