Post-quantum hybrid ECDHE-MLKEM Key Agreement for TLSv1.3

Post-quantum hybrid ECDHE-MLKEM Key Agreement for TLSv1.3 PQShield

kris@amongbytes.com

AWS

kpanos@amazon.com

Cloudflare

bas@cloudflare.com

University of Waterloo

dstebila@waterloo.ca

Transport Layer Security ECDH hybrid ML-KEM post-quantum x25519 This draft defines two hybrid key agreements for TLS 1.3: X25519MLKEM768 and SecP256r1MLKEM768, which combine a post-quantum KEM with an elliptic curve Diffie-Hellman (ECDHE). About This Document The latest revision of this draft can be found at . Status information for this document may be found at . Discussion of this document takes place on the Transport Layer Security Working Group mailing list (), which is archived at . Subscribe at . Source for this draft and an issue tracker can be found at .

Introduction

Motivation ML-KEM is a key encapsulation method (KEM) defined in the . It is designed to withstand cryptanalytic attacks from quantum computers. This document introduces two new supported groups for hybrid post-quantum key agreements in TLS 1.3: X25519MLKEM768 and SecP256r1MLKEM768. Both combine ML-KEM-768 with ECDH in the manner of . The first one uses X25519 and is an update to X25519Kyber768Draft00 , the most widely deployed PQ/T hybrid combiner for TLS v1.3 deployed in 2024. The second one uses secp256r1 (NIST P-256) . The goal of this group is to support a use case that requires both shared secrets to be generated by FIPS-approved mechanisms. Both constructions aim to provide a FIPS-approved key-establishment scheme (as per ).

Conventions and Definitions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Negotiated Groups Both groups enable the derivation of TLS session keys using FIPS-approved schemes. NIST's special publication 800-56Cr2 approves the usage of HKDF with two distinct shared secrets, with the condition that the first one is computed by a FIPS-approved key-establishment scheme. FIPS also requires a certified implementation of the scheme, which will remain more ubiqutous for secp256r1 in the coming years. For this reason we put the ML-KEM-768 shared secret first in X25519MLKEM768, and the secp256r1 shared secret first in SecP256r1MLKEM768.

Construction

Client share When the X25519MLKEM768 group is negotiated, the client's key_exchange value is the concatenation of the client's ML-KEM-768 encapsulation key and the client's X25519 ephemeral share. The size of the client share is 1216 bytes (1184 bytes for the ML-KEM part and 32 bytes for X25519). When the SecP256r1MLKEM768 group is negotiated, the client's key_exchange value is the concatenation of the secp256r1 ephemeral share and ML-KEM-768 encapsulation key. The ECDHE share is the serialized value of the uncompressed ECDH point representation as defined in Section 4.2.8.2 of . The size of the client share is 1249 bytes (65 bytes for the secp256r1 part and 1184 bytes for ML-KEM).

Server share When the X25519MLKEM768 group is negotiated, the server's key exchange value is the concatenation of an ML-KEM ciphertext returned from encapsulation to the client's encapsulation key, and the server's ephemeral X25519 share. The size of the server share is 1120 bytes (1088 bytes for the ML-KEM part and 32 bytes for X25519). When the SecP256r1MLKEM768 group is negotiated, the server's key exchange value is the concatenation of the server's ephemeral secp256r1 share encoded in the same way as the client share and an ML-KEM ciphertext returned from encapsulation to the client's encapsulation key. The size of the server share is 1153 bytes (1088 bytes for the ML-KEM part and 65 bytes for secp256r1). For both groups, the server MUST perform the encapsulation key check described in Section 7.2 of on the client's encapsulation key, and abort with an illegal_parameter alert if it fails.

Shared secret For X25519MLKEM768, the shared secret is the concatenation of the ML-KEM shared secret and the X25519 shared secret. The shared secret is 64 bytes (32 bytes for each part). For SecP256r1MLKEM768, the shared secret is the concatenation of the ECDHE and ML-KEM shared secret. The ECDHE shared secret is the x-coordinate of the ECDH shared secret elliptic curve point represented as an octet string as defined in Section 7.4.2 of . The size of the shared secret is 64 bytes (32 bytes for each part).

Security Considerations The same security considerations as those described in apply to the approach used by this document. The security analysis relies crucially on the TLS 1.3 message transcript, and one cannot assume a similar hybridisation is secure in other protocols. Implementers are encouraged to use implementations resistant to side-channel attacks, especially those that can be applied by remote attackers.

IANA Considerations This document requests/registers two new entries to the TLS Supported Groups registry, according to the procedures in . These identifiers are to be used with the final, ratified by NIST, version of ML-KEM which is specified in .

SecP256r1MLKEM768

Value:: 4587 (0x11EB)
Description:: SecP256r1MLKEM768
DTLS-OK:: Y
Recommended:: N
Reference:: This document
Comment:: Combining secp256r1 ECDH with ML-KEM-768

X25519MLKEM768

Value:: 4588 (0x11EC)
Description:: X25519MLKEM768
DTLS-OK:: Y
Recommended:: N
Reference:: This document
Comment:: Combining X25519 ECDH with ML-KEM-768

Obsoleted Supported Groups This document obsoletes 25497 and 25498 in the TLS Supported Groups registry.

References Normative References Elliptic Curves for Security This memo specifies two elliptic curves over prime fields that offer a high level of practical security in cryptographic applications, including Transport Layer Security (TLS). These curves are intended to operate at the ~128-bit and ~224-bit security level, respectively, and are generated deterministically based on a list of required properties. Module-Lattice-Based Key-Encapsulation Mechanism Standard National Institute of Standards and Technology Recommendation for Key-Derivation Methods in Key-Establishment Schemes National Institute of Standards and Technology Key words for use in RFCs to Indicate Requirement Levels In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings. The Transport Layer Security (TLS) Protocol Version 1.3 This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations. Informative References X25519Kyber768Draft00 hybrid post-quantum key agreement Cloudflare University of Waterloo This memo defines X25519Kyber768Draft00, a hybrid post-quantum key exchange for TLS 1.3. Hybrid key exchange in TLS 1.3 University of Waterloo Cisco Systems University of Haifa Hybrid key exchange refers to using multiple key exchange algorithms simultaneously and combining the result with the goal of providing security even if all but one of the component algorithms is broken. It is motivated by transition to post-quantum cryptography. This document provides a construction for hybrid key exchange in the Transport Layer Security (TLS) protocol version 1.3. Discussion of this work is encouraged to happen on the TLS IETF mailing list tls@ietf.org or on the GitHub repository which contains the draft: https://github.com/dstebila/draft-ietf-tls-hybrid-design. IANA Registry Updates for TLS and DTLS Venafi sn3rd This document updates the changes to TLS and DTLS IANA registries made in RFC 8447. It adds a new value "D" for discouraged to the recommended column of the selected TLS registries. This document updates the following RFCs: 3749, 5077, 4680, 5246, 5705, 5878, 6520, 7301, and 8447. HMAC-based Extract-and-Expand Key Derivation Function (HKDF) RFC Editor Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA) American National Standards Institute Recommendations for Discrete Logarithm-based Cryptography:: Elliptic Curve Domain Parameters National Institute of Standards and Technology

Change log

draft-kwiatkowski-tls-ecdhe-mlkem-02:
- Adds section that mentions supported groups that this document obsoletes.
- Fix a reference to encapsulation in the FIPS 203.
draft-kwiatkowski-tls-ecdhe-mlkem-01:
- Add X25519MLKEM768
draft-kwiatkowski-tls-ecdhe-mlkem-00:
- Change Kyber name to ML-KEM
- Swap reference to I-D.cfrg-schwabe-kyber with FIPS-203
- Change codepoint. New value is equal to old value + 1.
draft-kwiatkowski-tls-ecdhe-kyber-01: Fix size of key shares generated by the client and the server
draft-kwiatkowski-tls-ecdhe-kyber-00: updates following IANA review