-
Type:
Enhancement
-
Resolution: Unresolved
-
Priority:
P3
-
None
-
Affects Version/s: None
-
Component/s: security-libs
Add support for Composite ML-DSA which is being standardized in the IETF LAMPS working group and specified in Internet Draft: https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/.
From the Abstract: "This document defines combinations of ML-DSA [FIPS.204] in hybrid with traditional algorithms RSASSA-PKCS1-v1_5, RSASSA-PSS, ECDSA, Ed25519, and Ed448. These combinations are tailored to meet security best practices and regulatory guidelines. Composite ML-DSA is applicable in any application that uses X.509 or PKIX data structures that accept ML-DSA, but where the operator wants extra protection against breaks or catastrophic bugs in ML-DSA."
From the Abstract: "This document defines combinations of ML-DSA [FIPS.204] in hybrid with traditional algorithms RSASSA-PKCS1-v1_5, RSASSA-PSS, ECDSA, Ed25519, and Ed448. These combinations are tailored to meet security best practices and regulatory guidelines. Composite ML-DSA is applicable in any application that uses X.509 or PKIX data structures that accept ML-DSA, but where the operator wants extra protection against breaks or catastrophic bugs in ML-DSA."