Hacker News

mswphd, today at 5:33 PM, 0 replies

The IETF has published the Russian TLS 1.2 standard (RFC 9189). This includes Kuznyechik, which has a certain design choice consistent with it being backdoored.

https://en.wikipedia.org/wiki/Kuznyechik#Cryptanalysis

(The work by Perrin that is mentioned is what I'm referring to.)

The (pure) mlkem standard is also marked "recommended to implement = No". People are interested in implementing it. The IETF can't change that. They can try to ensure such implementations are interoperable, though.