Algorithms included by CycloneDX that might turn into candidates for SPDX #43
Description
This is a list of 28 algorithms (families) included by CycloneDX in their Cryptography registry that we do not currentlyy have in our list or we have but in different forms, names.....
- 3GPP-XOR - Telecom-specific (3GPP), not in SPDX
- A5/1 - GSM encryption, not in SPDX
- A5/2 - GSM encryption, not in SPDX
- Ascon - NIST lightweight crypto winner, not in SPDX
- ASN1 - Notation system, not cryptographic algorithm
- BLS - Boneh-Lynn-Shacham signatures, not in SPDX
- blum-goldwasser - Not in SPDX
- ECDSA - Elliptic Curve DSA, surprisingly not in SPDX
- ECIES - EC Integrated Encryption, not in SPDX
- EdDSA - Edwards-curve DSA, not in SPDX
- HC - Stream cipher family, not in SPDX (though hc128/hc256 exist separately)
- HKDF - Key derivation function, not in SPDX
- HMAC - Message authentication code, not in SPDX as standalone
- IKE-PRF - IKE pseudo-random function, not in SPDX
- KMAC - Keccak MAC, not in SPDX
- LMS - Leighton-Micali Signature, not in SPDX
- MILENAGE - Telecom-specific (3GPP), not in SPDX
- ML-DSA - Post-quantum (CRYSTALS-Dilithium), not in SPDX
- ML-KEM - Post-quantum (CRYSTALS-Kyber), not in SPDX
- PBMAC1 - Password-Based MAC, not in SPDX
- pkcs12 - PKCS categories added and commonkeySize vs securityStrength #12, not a cryptographic algorithm per se
- Poly1305 - One-time authenticator, not in SPDX
- SipHash - Fast PRF, not in SPDX
- SLH-DSA - Post-quantum (SPHINCS+), not in SPDX
- SP800-108 - NIST KDF framework, not in SPDX
- TUAK - Telecom-specific (3GPP), not in SPDX
- X3DH - Signal Protocol key agreement, not in SPDX
- XMSS - Extended Merkle Signature, not in SPDX
The following ones could be the following candidates for the SPDX List:
- Post-quantum algorithms: ML-DSA, ML-KEM, SLH-DSA, LMS, XMSS
- Modern standards: EdDSA, ECDSA, HKDF, HMAC
- Telecom: 3GPP-XOR, MILENAGE, TUAK