Commit c051dcc

Merge pull request #14 from cyberstormdotmu/loganaden-patch-x25519mlkem768
Expand on hybrid key exchanges
2 parents 03f9902 + dd948e3 commit c051dcc

File tree

1 file changed

+14
-0
lines changed

index.bs

Lines changed: 14 additions & 0 deletions
@@ -209,6 +209,8 @@ ECDH is the most widely used today, described in [[RFC6090]]. The main aspect of
209209

210210
Other common curves most used are the Montgommery curves Curve2559 and Curve448. ECDH with Curve2559 is named X25519 and ECDH with Curve448 is named X448. They are not a standard by NIST, but are widely used and recommended for their security and performance. They are defined in [[RFC7748]]. The difference betweem them is the security level and performance, with X25519 being faster and more efficient (128 security bits), while X448 offers a higher security level (224 security bits).
211211

212+
Hybrid key exchanges combine both ECDH and post-quantum key exchange to reduce the security risks involved with post-quantum key exchanges implementations. An example is X25519MLKEM768 described in [[X25519MLKEM768]].
213+
212214
Note: The output of a key exchange generally is not uniformly distributed, therefore it is descouraged using that as cryptographic key. Instead, a KDF is required to derive a symmetric key from the shared secret.
213215

214216
An important aspect is that the public key of the counterparty must be validated before using it in the key exchange process, to ensure its authenticity and integrity. This validation process typically involves checking the format of the public key, verifying its parameters, and ensuring that it has not been tampered with or altered. Failure to validate the public key can lead to security vulnerabilities, such as small subgroup attack or invalid curve attack, which can compromise the security of the key exchange process and potentially expose sensitive information to unauthorized parties.
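Review bot: the new paragraph at line 212 gives the wrong reason for hybrid key exchanges. "to reduce the security risks involved with post-quantum key exchanges implementations" is both ungrammatical and incomplete: the point of a hybrid is that the derived secret stays secure as long as either component holds, so a weakness in the newer post-quantum algorithm or its implementation does not lose the classical security level, and a large quantum computer does not lose the post-quantum one. Suggested wording: "Hybrid key exchanges combine a classical ECDH exchange with a post-quantum KEM and derive the shared secret from both outputs, so the exchange remains secure as long as at least one component is unbroken. An example is X25519MLKEM768, which combines X25519 with ML-KEM-768 for TLS 1.3, described in [[X25519MLKEM768]]." The name itself makes clear the two components; mention them so the reader can connect the example to the X25519 paragraph above. Since this paragraph now sits between the two existing paragraphs, the later note about passing the output through a KDF applies to the hybrid's combined secret as well, which could be said in one clause. Unrelated to this change but visible in the surrounding context lines: "Montgommery", "Curve2559", "betweem" (line 210) and "descouraged" (line 214) are typos worth a follow-up commit.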
@@ -628,6 +630,18 @@ PBKDF2 is standardized in [[RFC8018]]. It is based on the HMAC construction and
628630
"publisher": "United Nations",
629631
"date": "2023"
630632
}
633+
"X25519MLKEM768": {
634+
"title": "Post-quantum hybrid ECDHE-MLKEM Key Agreement for TLSv1.3",
635+
"authors": [
636+
"K. Kwiatkowski",
637+
"P. Kampanakis",
638+
"B. E. Westerbaan",
639+
"D. Steblia"
640+
],
641+
"href": "https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/",
642+
"publisher": "IETF",
643+
"date": "2025"
644+
}
631645
}
632646

633647
</pre>
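Review bot: this entry produces invalid JSON in the biblio block. The closing `}` of the preceding entry (context line 632, the one after `"date": "2023"`) has no trailing comma, yet a new key `"X25519MLKEM768": {` now follows it; that line needs to become `},` for the block to parse. Two smaller points on the entry itself: please double-check the spelling of the fourth author (`"D. Steblia"`) against the draft's header, and since the href points at an Internet-Draft rather than a published RFC, consider recording the specific draft revision alongside `"date": "2025"` so the citation does not silently drift as the draft is updated.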
