Post-Quantum Discussion #1

Open
zamicol opened this issue Apr 8, 2024 · 1 comment
Comments

zamicol commented Apr 8, 2024

This is the location for all discussion related to post-quantum algorithms and Coze.

zamicol commented Apr 8, 2024

This is a copy/paste from a previous discussion:

Supporting quantum-safe cryptographic signing algorithms is a good idea.

I should probably get a document written up on what supporting a new signing algorithm entails. Some aspects off the top of my head:

  1. Implementations of the primitives should be production ready for Coze. CozeX is the place for implementations that are not production ready. (For example, liboqs states that it is not production ready.)
  2. The primitives should be implemented in CozeX first, and then after testing/adoption be moved into Coze.
  3. The Go version should have a pure Go implementation of algorithm primitives. Similarly, a C implementation of Coze should use the C implementation. (The only new dependencies Go Coze should have are for algorithm primitives.)
  4. Signing algorithms need to specify a partner hashing algorithm. SPHINCS specifies hashing algorithms (the SHA2 and SHAKE of corresponding size). I'm not sure if there's a standard choice of hashing algorithm for Dilithium2, Dilithium3, Dilithium5, although they use SHAKE and SHA3. It appears Falcon is using SHAKE-256.

I'm not sure if Coze is currently a good fit for Kyber as it is a key encapsulation mechanism (KEM) and not a signature scheme.
