Thanks Dirk for the review. The comments have been addressed in PR https://github.com/tireddy2/pqc-for-engineers/pull/95.
-Tiru
On Tue, 29 Jul 2025 at 00:07, Dirk Von Hugo via Datatracker <noreply@xxxxxxxx> wrote:
Document: draft-ietf-pquip-pqc-engineers
Title: Post-Quantum Cryptography for Engineers
Reviewer: Dirk Von Hugo
Review result: Ready with Nits
Dear all,
I am an assigned INT directorate reviewer for draft-ietf-pquip-pqc-engineers-13.
These comments were written primarily for the benefit of the Internet Area
Directors. Document editors and shepherd(s) should treat these comments just
like they would treat comments from any other IETF contributors and resolve
them along with any other Last Call comments that have been received. For more
details on the INT Directorate, see
https://datatracker.ietf.org/group/intdir/about/.
As I am an expert in neither cryptography nor quantum computing, my comments
mostly deal with general observations and suggestions for possible clarification.
The document gives a quite broad overview of threats of future Post Quantum
Computing means used by potential attackers on cryptographically secured
communication. IMO the document may improve by adding clarifications and
correcting nits/typos as follows below:
Thanks and BR
Dirk
P.4:
so too will quantum computers have a niche => so will quantum computers, too,
have a niche
p.5:
into expected key, ciphertext and => into expected key, ciphertext, and
p.6:
Shor's algorithm ... Grover's algorithm: I suggest adding a reference here,
e.g.
[] P.W. Shor. "Polynomial-time algorithms for prime factorization and
discrete logarithms on a quantum computer". SIAM Review, 41(2):303-332, 1999.
[] L.K. Grover. "A fast quantum mechanical algorithm for database search". In
Proceedings of the twenty-eighth annual ACM symposium on Theory of Computing,
page 219. ACM, 1996.
p.8:
AES-128, 192, and 256 =>AES-128, AES-192, and AES-256
National Agency ... => (French) National Agency ...
p.9:
factorization, finite field discrete logarithms or elliptic curve =>
factorization, finite field discrete logarithms, or elliptic curve
cryptography and is therefore vulnerable => cryptography and are therefore
vulnerable
p.11:
[HQC]: This algorithm is => [HQC]: Hamming Quasi-Cyclic coding algorithm
which is
p.14:
HDNL attacks => HDNL ("harvest now, decrypt later") attacks
October, 2024 => October 2024
p.15:
number of required oracle queries => number of required oracle queries, i.e. of
(unique) queries to a cryptographic black box resulting in random uniformly
distributed responses [or add a better short explanation of the idiom here]
p.23:
11.1. Security Properties of PQC Signatures - there is no text for this
section! Formatting error??
p.26:
(i.e., XMSS-MT and HSS respectively) => (i.e., XMSS-MT and HSS, respectively)
p.27ff:
I suggest adding descriptive captions to tables 1 - 6 and referring to them
accordingly in the text
p.34:
[I-D.ietf-lamps-pq-composite-sigs]can => [I-D.ietf-lamps-pq-composite-sigs] can
p.35/40:
vs => vs.
p.36:
needed ([I-D.draft-bonnell-lamps-chameleon-certs]. => needed
([I-D.draft-bonnell-lamps-chameleon-certs]). OR needed
[I-D.draft-bonnell-lamps-chameleon-certs].
p.39:
PQ algorithms ... PQ overhead ... PQ costs : I assume this is identical to PQC
algorithms, overhead, costs?
p.45:
[QuantSide] "QuantSide", n.d., <https://arxiv.org/pdf/2304.03315> =>
[QuantSide] "QuantSide", 2023, <https://arxiv.org/pdf/2304.03315> see:
https://dl.acm.org/doi/10.1145/3576915.3623118 for (meanwhile) available
details of this reference ...