What type of change is being proposed?
Implement testing for X25519/X448 (aka ECDH with Curve25519 and Curve448).
Details on suggestion
I am aware that X25519 and X448 are currently not yet FIPS-approved, as they are not specified in SP 800-56Ar3. However, it is my understanding that this omission is due to a lack of manpower in the NIST CT group, rather than any security concerns. Moreover, ACVP is not only used by FIPS validations, but also other standards-based evaluations (like Common Criteria under NIAP). It would be very useful to have X25519/X448 testing available for these evaluations, even if FIPS does not yet allow them. X25519 and X448 are also part of the TLS 1.3 specification, and therefore widely implemented in cryptographic libraries.
You're right. We would not be able to offer certification, but this is something we can work on in the meantime. Unfortunately it would be a lower priority item than the other approved algorithms we need to complete, PQC, stateful hash-based signatures. I'll add it to our agenda, but due to the priority I cannot promise any completion date.