Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add paragraph clarifying key generation #77

Merged
merged 3 commits into from
Dec 11, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions draft-ietf-lamps-kyber-certificates.md
Original file line number Diff line number Diff line change
Expand Up @@ -270,6 +270,11 @@ decapsulation key. The expanded private key (and public key)
is computed from the seed using `ML-KEM.KeyGen_internal(d,z)` (algorithm 16)
using the first 32 octets as *d* and the remaining 32 octets as *z*.

A keypair is generated by sampling 64 octets uniformly at random
for the seed (private key) from a cryptographically secure
pseudorandom number generator (CSPRNGs). The public key can then
be computed using `ML-KEM.KeyGen_internal(d,z)` as described earlier.

"Asymmetric Key Packages" {{!RFC5958}} describes how to encode a private
key in a structure that both identifies what algorithm the private key
is for and allows for the public key and additional attributes about the
Expand Down
Loading