Camille Mougey

As a good practice, some buffer can be `zeroize` once they are no more needed. This is already done in some parts, but could be extended to more structures. These...

Using the `cfg feature` possibility of Rust, separates the Reading and the Writing part of `mla`. Thus, the production library could only contains needed parts (for instance, archive writers in...

In release build, Rust's operation are no more checked. Some operation made in MLA depends on "user" (ie. the archive data) input. For instance, seeking in the binary or getting...

Based on #217 Fix #214

Produce a secret key by combining two KEM-Encaps outputs, using a "Nested Dual-PRF Combiner", proved in [^6] (3.3) Arguments: - The use of concatenation scheme **including the ciphertext** keeps IND-CCA2...

Following #154, `mlar` is capable of producing deterministic keys based on an initial seed and a derivation path. Following #195, 2 secrets exists (the ECC and ML-KEM ones). The scheme...

- [x] HPKE (https://github.com/ANSSI-FR/MLA/issues/211) - https://github.com/ANSSI-FR/MLA/pull/220/commits/ce660ff93ca9c443ee9060e1db7d47bd2a2bdcf4 - https://github.com/ANSSI-FR/MLA/pull/220/commits/ba9b6756f5250d9ef12efb6d1ff054081ebb2009 - https://github.com/ANSSI-FR/MLA/pull/220/commits/fe6ada23c9d3878b4cc3432cd94d819b7a24b3cc - [ ] Hybrid KEM (ECC + MLKEM) (https://github.com/ANSSI-FR/MLA/issues/195) - [x] AES GCM key commitment (https://github.com/ANSSI-FR/MLA/issues/206) - https://github.com/ANSSI-FR/MLA/pull/209/commits/cf9897bbcad0788983cbbc20fc75764303765b4a - [x]...

## Context In order to encrypt for a recipient public key (Public Key Encryption, PKE) using elliptic curve encryption (ECC), MLA uses an ECIES-like scheme. As stated in [^1]: >...

Add the possibility to upgrade from a format v1 to a format v2 in `mlar`. This could be part of the `convert` command line or a dedicated `upgrade_v1_to_v2` sub-action. In...

Once the format v2 is finalized, `FORMAT.md` must be updated