Whew, I was getting nervous. A place I worked at had a developer implement Tripl...

Joel_Mckay · 2024-10-21T23:59:35.000000Z

libgpg will have Kyber / FIPS 203 working soon.

SPHINCS+ / FIPS 205 should be available soon.

FALCON ...unknown FIPS draft TBA soon.

These are newer quantum resistant algorithms, and should be considered in your future maintenance cycle as they become available in the libraries.

NIST has some of the brightest minds in the world. When they suggest something, than one should probably take the advice very seriously. =3

tptacek · 2024-10-22T00:00:58.000000Z

My understanding is that NIST has like 2 cryptographers sitting in a closet somewhere. They're good cryptographers, but there isn't much of them.

cperciva · 2024-10-22T01:52:46.000000Z

NIST is basically the publishing arm of the NSA, so it really depends on whether the NSA is taking the "protect national information assets" or the "attack foreign information assets" part of its mandate more seriously from year to year.

dfc · 2024-10-22T02:03:36.000000Z

NIST does a lot of really neat work outside of crypto standards. Judah Levine and all the other metrology folks are awesome. It's unfortunate that they get grouped together by comments like this.

cperciva · 2024-10-22T02:24:07.000000Z

Sorry, yes I only meant in the context of cryptography of course. NIST is a great organization and it's really a historical accident that they do anything with crypto.

Joel_Mckay · 2024-10-22T00:13:29.000000Z

One will find the pool of people that deal in esoteric problems tends to be rather small in every field. =3

deknos · 2024-10-22T05:03:37.000000Z

What's libgpg? i only know libgpg-error and libgcrypt.

Joel_Mckay · 2024-10-22T06:10:48.000000Z

In general, the stable build usually requires:

gnupg 2.4.3

libassuan 2.5.6

libgcrypt 1.10.3

libgpgerror 1.47

libksba 1.6.5

npth 1.6

pinentry 1.2.1

However, the Kyber algorithm was only committed recently in libgcrypt 1.11.0, and will not build on some platforms due to an libassuan 3.0.1 issue.

Did you have additional details on when a working packaged set of dependencies will be available for static .a builds that support Kyber?

Have a great day =3