Include both variants FrodoKEM #2192
Labels: enhancement, help wanted, wishlist
Status: Done
Discussed in https://github.com/orgs/open-quantum-safe/discussions/2188
Originally posted by RodriM11 July 2, 2025
Hi! Current implementation of FrodoKEM present on `liboqs` is based on the proposal for the first NIST PQC Standardization Process. After the selections made by NIST at the end of this round, the FrodoKEM team made important modifications to the submission: the NIST specification became the one named as "ephemeral" in which a salt is not included (and was renamed to eFrodoKEM). A new variant called FrodoKEM was constructed, which is suitable for applications in which many ciphertexts might be produced relative to a single public key, and includes further changes to address IND-CCA concerns.

Since FrodoKEM is recommended by a number of standardization bodies beyond NIST (is on track to become an ISO standard, appears as an internet draft, is recommended by agencies such as BSI), I believe it would be interesting to include both variants as part of `liboqs` capabilities