
ML-KEM key exchanges using Bouncy Castle 1.79 #629

Merged: tomaswolf merged 4 commits into apache:master from tomaswolf:gh-606 on Nov 6, 2024

@tomaswolf (Member)

Implement ML-KEM key exchanges; see https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-04 .
All three algorithms proposed in that draft RFC are implemented.

Includes an interoperability test for mlkem768x25519-sha256 against OpenSSH 9.9.

Fixes #606.

It was dropped by mistake when the plain alias was introduced in commit
ff9fc91.
Avoid code duplication.
Refactor the KEM-based KEX paths a little bit; provide the ML-KEMs, and
add the DH factories combining the ML-KEMs with the base curves and
hashes.

KexTest tests that the new key exchanges do work between an Apache MINA
sshd client and server. Add an integration test that verifies that the
new ML-KEM kex works against an OpenSSH 9.9 server (it only has
mlkem768x25519, not the other two variants using ECDH nistp256/384, so
we can't test those).

tomaswolf merged commit 38bb2c6 into apache:master Nov 6, 2024
tomaswolf deleted the gh-606 branch April 25, 2025 15:34

Successfully merging this pull request may close these issues.

Support ML-KEM key exchanges
