Merge pull request #103 from lamps-wg/99-add-ml-dsa-87-with-rsa-4096

Adds ML-DSA-87 with RSA 4096 combinations.
lamps-wg · Feb 5, 2025 · d48d6ab · d48d6ab
2 parents 5c49dab + 166fe54
commit d48d6ab
Show file tree

Hide file tree

Showing 3 changed files with 83 additions and 3 deletions.
diff --git a/.github/workflows/ghpages.yml b/.github/workflows/ghpages.yml
@@ -51,7 +51,7 @@ jobs:
         token: ${{ github.token }}
 
     - name: "Archive Built Drafts"
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         path: |
           draft-*.html

diff --git a/Composite-MLDSA-2024.asn b/Composite-MLDSA-2024.asn
@@ -312,6 +312,19 @@ sa-MLDSA87-Ed448 SIGNATURE-ALGORITHM ::=
        id-MLDSA87-Ed448,
        pk-MLDSA87-Ed448 }
 
+-- TODO: OID to be replaced by IANA
+id-MLDSA87- OBJECT IDENTIFIER ::= {
+   joint-iso-itu-t(2) country(16) us(840) organization(1)
+   entrust(114027) algorithm(80) composite(8) signature(1) 75 }
+
+pk-MLDSA87-RSA4096-PSS PUBLIC-KEY ::=
+  pk-CompositeSignature{ id-MLDSA87-RSA4096-PSS,
+  CompositeMLDSAPublicKey}
+
+sa-MLDSA87-RSA4096-PSS SIGNATURE-ALGORITHM ::=
+    sa-CompositeSignature{
+       id-MLDSA87-RSA4096-PSS,
+       pk-MLDSA87-RSA4096-PSS }
 
 -- PreHash Version of the OIDs
 
@@ -539,6 +552,22 @@ sa-HashMLDSA87-Ed448-SHA512 SIGNATURE-ALGORITHM ::=
        id-HashMLDSA87-Ed448-SHA512,
        pk-HashMLDSA87-Ed448-SHA512 }
 
+
+-- TODO: OID to be replaced by IANA
+id-HashMLDSA87-RSA4096-PSS-SHA512 OBJECT IDENTIFIER ::= {
+   joint-iso-itu-t(2) country(16) us(840) organization(1)
+   entrust(114027) algorithm(80) composite(8) signature(1) 95 }
+
+pk-HashMLDSA87-RSA4096-PSS-SHA512 PUBLIC-KEY ::=
+  pk-CompositeSignature{ id-HashMLDSA87-RSA4096-PSS-SHA512,
+  CompositeMLDSAPublicKey}
+
+sa-HashMLDSA87-RSA4096-PSS-SHA512 SIGNATURE-ALGORITHM ::=
+    sa-CompositeSignature{
+       id-HashMLDSA87-RSA4096-PSS-SHA512,
+       pk-HashMLDSA87-RSA4096-PSS-SHA512 }
+
+
 SignatureAlgorithmSet SIGNATURE-ALGORITHM ::= {
   sa-MLDSA44-RSA2048-PSS |
   sa-MLDSA44-RSA2048-PKCS15 |
@@ -549,11 +578,29 @@ SignatureAlgorithmSet SIGNATURE-ALGORITHM ::= {
   sa-MLDSA65-RSA4096-PSS |
   sa-MLDSA65-RSA4096-PKCS15 |
   sa-MLDSA65-ECDSA-P256 |
+  sa-MLDSA65-ECDSA-P384 |
   sa-MLDSA65-ECDSA-brainpoolP256r1 |
   sa-MLDSA65-Ed25519 |
   sa-MLDSA87-ECDSA-P384 |
   sa-MLDSA87-ECDSA-brainpoolP384r1 |
-  sa-MLDSA87-Ed448,
+  sa-MLDSA87-Ed448 |
+  sa-MLDSA87-RSA4096-PSS |  
+  sa-HashMLDSA44-RSA2048-PSS-SHA256 |
+  sa-HashMLDSA44-RSA2048-PKCS15-SHA256 |
+  sa-HashMLDSA44-Ed25519-SHA512 |
+  sa-HashMLDSA44-ECDSA-P256-SHA256 |
+  sa-HashMLDSA65-RSA3072-PSS-SHA512 |
+  sa-HashMLDSA65-RSA3072-PKCS15-SHA512 |
+  sa-HashMLDSA65-RSA4096-PSS-SHA512 |
+  sa-HashMLDSA65-RSA4096-PKCS15-SHA512 |
+  sa-HashMLDSA65-ECDSA-P256-SHA512 |
+  sa-HashMLDSA65-ECDSA-P384-SHA512 |
+  sa-HashMLDSA65-ECDSA-brainpoolP256r1-SHA512 |
+  sa-HashMLDSA65-Ed25519-SHA512 |
+  sa-HashMLDSA87-ECDSA-P384-SHA512 |
+  sa-HashMLDSA87-ECDSA-brainpoolP384r1-SHA512 |
+  sa-HashMLDSA87-Ed448-SHA512 |
+  sa-HashMLDSA87-RSA4096-PSS-SHA512,
   ... }
 
 
@@ -576,11 +623,29 @@ SMimeCaps SMIME-CAPS ::= {
   sa-MLDSA65-RSA4096-PSS.&smimeCaps |
   sa-MLDSA65-RSA4096-PKCS15.&smimeCaps |
   sa-MLDSA65-ECDSA-P256.&smimeCaps |
+  sa-MLDSA65-ECDSA-P384.&smimeCaps |
   sa-MLDSA65-ECDSA-brainpoolP256r1.&smimeCaps |
   sa-MLDSA65-Ed25519.&smimeCaps |
   sa-MLDSA87-ECDSA-P384.&smimeCaps |
   sa-MLDSA87-ECDSA-brainpoolP384r1.&smimeCaps |
-  sa-MLDSA87-Ed448.&smimeCaps,
+  sa-MLDSA87-Ed448.&smimeCaps |
+  sa-MLDSA87-RSA4096-PSS.&smimeCaps |  
+  sa-HashMLDSA44-RSA2048-PSS-SHA256.&smimeCaps |
+  sa-HashMLDSA44-RSA2048-PKCS15-SHA256.&smimeCaps |
+  sa-HashMLDSA44-Ed25519-SHA512.&smimeCaps |
+  sa-HashMLDSA44-ECDSA-P256-SHA256.&smimeCaps |
+  sa-HashMLDSA65-RSA3072-PSS-SHA512.&smimeCaps |
+  sa-HashMLDSA65-RSA3072-PKCS15-SHA512.&smimeCaps |
+  sa-HashMLDSA65-RSA4096-PSS-SHA512.&smimeCaps |
+  sa-HashMLDSA65-RSA4096-PKCS15-SHA512.&smimeCaps |
+  sa-HashMLDSA65-ECDSA-P256-SHA512.&smimeCaps |
+  sa-HashMLDSA65-ECDSA-P384-SHA512.&smimeCaps |
+  sa-HashMLDSA65-ECDSA-brainpoolP256r1-SHA512.&smimeCaps |
+  sa-HashMLDSA65-Ed25519-SHA512.&smimeCaps |
+  sa-HashMLDSA87-ECDSA-P384-SHA512.&smimeCaps |
+  sa-HashMLDSA87-ECDSA-brainpoolP384r1-SHA512.&smimeCaps |
+  sa-HashMLDSA87-Ed448-SHA512.&smimeCaps |
+  sa-HashMLDSA87-RSA4096-PSS-SHA512.&smimeCaps,
   ... }
 
 END
diff --git a/draft-ietf-lamps-pq-composite-sigs.md b/draft-ietf-lamps-pq-composite-sigs.md
@@ -1081,6 +1081,7 @@ Pure Composite-ML-DSA Signature public key types:
 | id-MLDSA87-ECDSA-P384            | &lt;CompSig&gt;.72  | id-ML-DSA-87 | ecdsa-with-SHA384 with secp384r1 |
 | id-MLDSA87-ECDSA-brainpoolP384r1 | &lt;CompSig&gt;.73 | id-ML-DSA-87 | ecdsa-with-SHA384 with brainpoolP384r1 |
 | id-MLDSA87-Ed448                        | &lt;CompSig&gt;.74 | id-ML-DSA-87 | id-Ed448 |
+| id-MLDSA87-RSA4096-PSS           | &lt;CompSig&gt;.75 | id-ML-DSA-87 | id-RSASA-PSS with id-sha384 |
 {: #tab-sig-algs title="Pure ML-DSA Composite Signature Algorithms"}
 
 See the ASN.1 module in section {{sec-asn1-module}} for the explicit definitions of the above Composite ML-DSA algorithms.
@@ -1108,6 +1109,7 @@ HashComposite-ML-DSA Signature public key types:
 | id-HashMLDSA87-ECDSA-P384-SHA512            | &lt;CompSig&gt;.92  | id-ML-DSA-87 | ecdsa-with-SHA384 with secp384r1 | id-sha512|
 | id-HashMLDSA87-ECDSA-brainpoolP384r1-SHA512 | &lt;CompSig&gt;.93 | id-ML-DSA-87 | ecdsa-with-SHA384 with brainpoolP384r1 | id-sha512 |
 | id-HashMLDSA87-Ed448-SHA512              | &lt;CompSig&gt;.94 | id-ML-DSA-87 | id-Ed448 | id-sha512 |
+| id-HashMLDSA87-RSA4096-PSS-SHA512           | &lt;CompSig&gt;.95 | id-ML-DSA-87 | id-RSASA-PSS with id-sha384 | id-sha512 |
 {: #tab-hash-sig-algs title="Hash ML-DSA Composite Signature Algorithms"}
 
 
@@ -1138,6 +1140,8 @@ As mentioned above, the OID input value is used as a domain separator for the Co
 | id-MLDSA87-ECDSA-P384 |060B6086480186FA6B50080148|
 | id-MLDSA87-ECDSA-brainpoolP384r1 |060B6086480186FA6B50080149|
 | id-MLDSA87-Ed448 |060B6086480186FA6B5008014A|
+| id-MLDSA87-RSA4096-PSS |060B6086480186FA6B5008014B|
+
 {: #tab-sig-alg-oids title="Pure ML-DSA Composite Signature Domain Separators"}
 
 | Composite Signature Algorithm | Domain Separator (in Hex encoding)|
@@ -1157,6 +1161,7 @@ As mentioned above, the OID input value is used as a domain separator for the Co
 | id-HashMLDSA87-ECDSA-P384-SHA512 |060B6086480186FA6B5008015C|
 | id-HashMLDSA87-ECDSA-brainpoolP384r1-SHA512 |060B6086480186FA6B5008015D|
 | id-HashMLDSA87-Ed448-SHA512 |060B6086480186FA6B5008015E|
+| id-HashMLDSA87-RSA4096-PSS-SHA512 |060B6086480186FA6B5008015F|
 {: #tab-hash-sig-alg-oids title="Hash ML-DSA Composite Signature Domain Separators"}
 
 ## Rationale for choices
@@ -1430,6 +1435,11 @@ EDNOTE to IANA: OIDs will need to be replaced in both the ASN.1 module and in {{
   - Description:  id-MLDSA87-Ed448
   - References: This Document
 
+- id-MLDSA87-RSA4096-PSS
+  - Decimal: IANA Assigned
+  - Description:  id-MLDSA87-RSA4096-PSS
+  - References: This Document
+
 - id-HashMLDSA44-RSA2048-PSS-SHA256
   - Decimal: IANA Assigned
   - Description:  id-HashMLDSA44-RSA2048-PSS-SHA256
@@ -1505,6 +1515,11 @@ EDNOTE to IANA: OIDs will need to be replaced in both the ASN.1 module and in {{
   - Description:  id-HashMLDSA87-Ed448-SHA512
   - References: This Document
 
+- id-HashMLDSA87-RSA4096-PSS-SHA512
+  - Decimal: IANA Assigned
+  - Description:  id-HashMLDSA87-RSA4096-PSS-SHA512
+  - References: This Document
+
 <!-- End of IANA Considerations section -->
 
 # Security Considerations