Add paragraph clarifying key generation (#77)

* Add paragraph clarifying key generation Suggested-by: Carl Wallice * bad randomness is bad; good randomness is good Suggested by #77 (comment) * fix typo Co-authored-by: Mike Ounsworth <mike@ounsworth.ca> --------- Co-authored-by: Sean Turner <sean@sn3rd.com> Co-authored-by: Mike Ounsworth <mike@ounsworth.ca>
lamps-wg · Dec 11, 2024 · a87d058 · a87d058
1 parent 6d5894d
commit a87d058
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/draft-ietf-lamps-kyber-certificates.md b/draft-ietf-lamps-kyber-certificates.md
@@ -270,6 +270,11 @@ decapsulation key. The expanded private key (and public key)
 is computed from the seed using `ML-KEM.KeyGen_internal(d,z)` (algorithm 16)
 using the first 32 octets as *d* and the remaining 32 octets as *z*.
 
+A keypair is generated by sampling 64 octets uniformly at random
+for the seed (private key)  from a cryptographically secure
+pseudorandom number generator (CSPRNGs). The public key can then
+be computed using `ML-KEM.KeyGen_internal(d,z)` as described earlier.
+
 "Asymmetric Key Packages" {{!RFC5958}} describes how to encode a private
 key in a structure that both identifies what algorithm the private key
 is for and allows for the public key and additional attributes about the