Looks like this NIST document talks about transition to PQC - https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8547.ipd.pdf
In Summary:
It recommends > 112 bits of security after 2030
It deprecates current ECC algorithms after 2030
It disallows current ECC algorithms after 2035
So, we have some time - and can use ECC/DH till the Quantum resistant algorithm use for 802.11 is specified, probably only after 802.11bn (guessing)...
- Nehru
We've recently had presentations on the threats to crypto presented by
quantum computers. DH is, as I understand it, vulnerable to quantum
computer attacks. Is it a good idea to use DH here? Are we assuming
that the data exposed by any crack of the DHss is not sensitive
enough to worry about for some reason?
Thanks,
Mark
--
Mark RISON, Standards Architect, WLAN English/Esperanto/Français
Samsung Cambridge Solution Centre Tel: +44 1223 434600
1 Cambridge Square, Cambridge CB4 0AE Fax: +44 1223 434601
ROYAUME UNI WWW: http://www.samsung.com/uk
From: Chittabrata Ghosh <chitta.ghosh@xxxxxxxxx>
Sent: Thursday, 13 March 2025 13:12
To: STDS-802-11-TGBN@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-11-TGBN] Motion Request MAC - Roaming
Hi Alfred,
Could you please add the following to the Motions for MAC?
Move to add the following to the 11bn SFD
•TBD request frame initiating roaming preparation carries the DH parameter element of the non-AP MLD when new PTK is derived
•TBD response frame during roaming preparation carries DH parameter element generated by the target AP MLD when new PTK is derived
•Non-AP MLD and the target AP MLD derive the PTK based on the shared PMK and DHss in TBD request and TBD response frames?
Supporting list: [24/1882, 24/1883]
Result: No objection
Regards,
Chitto
On Wed, Mar 12, 2025 at 6:08 PM Giovanni Chisci <00002b657bbbbed7-dmarc-request@xxxxxxxxxxxxxxxxx> wrote:
Dear Alfred,
Could you please add the following to the Motions for MAC?
Move to add the following to the 11bn SFD
- Do you support allowing a second mode for security in roaming (in addition to the first mode with single TK used across all AP MLDs of the SMD) where a non-AP MLD can derive a new TK under the same PTKSA with the target AP MLD?
- The new TK is derived as part of the single PTKSA
- The PN is maintained per PTKSA: The new TK negotiated with the target AP MLD shares the same PN space with the TK of the current AP MLD (PN is monotonically increasing)
Supporting list: [24/1882, 24/1883, 24/1884, 24/1874]
Result: No objection
Move to add the following to the 11bn SFD
- During the TBD time for retrieving DL from the Current AP MLD, the non-AP MLD may provide an indication to the Target AP MLD that the TBD time for DL retrieval is early-terminated before the TBD time?
- TBD signaling of the indication
Supporting list: [24/1882, 24/1883, 24/1884, 24/1898, 24/1874]
Result: No objection
To all, please let me know if you wish to add your DCNs as supporting documents.
Thanks,
Giovanni
To unsubscribe from the STDS-802-11-TGBN list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBN&A=1
To unsubscribe from the STDS-802-11-TGBN list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBN&A=1
To unsubscribe from the STDS-802-11-TGBN list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBN&A=1