[Cfrg] I-D Action: draft-irtf-cfrg-hpke-06.txt

Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com> Mon, 26 October 2020 14:09 UTC

From: Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com>
Date: Mon, 26 Oct 2020 15:08:55 +0100
Message-ID: <CAGiyFdejssUBrs3wmQL7QVKS_YkAr4aoOjow9wOgPHfcsPv+UA@mail.gmail.com>
To: cfrg@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/HDn-N7qH5a0FMfXvdzLMPWhUU2c>
Subject: [Cfrg] I-D Action: draft-irtf-cfrg-hpke-06.txt

Hi!

Quick comments on the new draft, as solicited by the chairs (thanks for
reminding me of this!):

As commented in my review, and as discussed more recently with Ben Lipp, I
just find that directly defining the KDF in terms of extract/expand internal
operations will prevent the adoption of other KDFs than HKDF. The
construction could be defined in terms of a generic KDF block and retain
its security properties (KeySchedule() might have to be adapted).

Otherwise no objection :)

Cheers,

JP
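To make the point about the KDF interface concrete, here is an added example (not code from the draft, its authors, or the poster) that writes the HPKE base-mode key schedule two ways: once directly over HKDF's Extract/Expand, as the draft does, and once over a generic KDF(salt, ikm, info, L) block, which is then instantiated with HKDF-SHA256 and, to show a KDF that has no Extract/Expand split at all, with the NIST SP 800-108 counter-mode KDF. Assumptions: the suite identifiers and the "HPKE-v1" label follow the published RFC 9180 (whether draft-06 already used exactly that string is not checked here), the shared secret and info are constructed inputs, and the SP 800-108 mapping of the two secret inputs onto one PRF key is an illustration of interface fit, not a vetted ciphersuite. The context hashes are kept outside the generic schedule because they are bare Extract calls with no counterpart in a one-shot KDF; that is the kind of KeySchedule() adaptation the mail anticipates.

```python
import hashlib
import hmac
from typing import Callable, Dict

# Constructed parameters: RFC 9180 identifiers for DHKEM(X25519, HKDF-SHA256),
# HKDF-SHA256 and AES-128-GCM. "HPKE-v1" is the published RFC's label; whether
# draft-06 already used exactly this string is an assumption, not checked here.
KEM_ID, KDF_ID, AEAD_ID = 0x0020, 0x0001, 0x0001
SUITE_ID = b"HPKE" + b"".join(i.to_bytes(2, "big") for i in (KEM_ID, KDF_ID, AEAD_ID))
VERSION = b"HPKE-v1"
NK, NN, NH = 16, 12, 32          # AES-128-GCM key and nonce sizes, SHA-256 output size
MODE_BASE = b"\x00"


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 Extract with HMAC-SHA256; an empty salt means Nh zero bytes."""
    return hmac.new(salt or bytes(NH), ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 Expand: T(i) = HMAC(prk, T(i-1) || info || i), truncated to length."""
    okm, block, i = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        okm += block
        i += 1
    return okm[:length]


# 1. The draft's shape: the key schedule calls Extract and Expand directly.
def labeled_extract(salt: bytes, label: bytes, ikm: bytes) -> bytes:
    return hkdf_extract(salt, VERSION + SUITE_ID + label + ikm)


def labeled_expand(prk: bytes, label: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(prk, length.to_bytes(2, "big") + VERSION + SUITE_ID + label + info, length)


def make_context(info: bytes, psk_id: bytes = b"") -> bytes:
    """key_schedule_context for mode_base. These two bare Extract calls are the
    part of the schedule with no counterpart in a one-shot KDF interface."""
    return MODE_BASE + labeled_extract(b"", b"psk_id_hash", psk_id) + labeled_extract(b"", b"info_hash", info)


def key_schedule_extract_expand(shared_secret: bytes, info: bytes,
                                psk: bytes = b"", psk_id: bytes = b"") -> Dict[str, bytes]:
    ctx = make_context(info, psk_id)
    secret = labeled_extract(shared_secret, b"secret", psk)   # intermediate PRK: HKDF-specific
    return {
        "key": labeled_expand(secret, b"key", ctx, NK),
        "base_nonce": labeled_expand(secret, b"base_nonce", ctx, NN),
        "exporter_secret": labeled_expand(secret, b"exp", ctx, NH),
    }


# 2. The alternative the mail argues for: a generic block KDF(salt, ikm, info, L).
KDF = Callable[[bytes, bytes, bytes, int], bytes]


def kdf_hkdf_sha256(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def kdf_sp800_108_ctr_hmac_sha256(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    """NIST SP 800-108 KDF in counter mode with HMAC-SHA256: K(i) = PRF(key, [i] || Label || 0x00 || [L]),
    with no Extract/Expand split. Both secret-bearing inputs are concatenated into the PRF key and
    info is used as the Label field; this shows the interface fit only, not a vetted HPKE suite."""
    key, out, i = salt + ikm, b"", 1
    while len(out) < length:
        out += hmac.new(key, i.to_bytes(4, "big") + info + b"\x00" + (8 * length).to_bytes(4, "big"),
                        hashlib.sha256).digest()
        i += 1
    return out[:length]


def key_schedule_generic(kdf: KDF, shared_secret: bytes, ctx: bytes, psk: bytes = b"") -> Dict[str, bytes]:
    """Same labels and context as above, but the schedule only sees kdf(); the
    intermediate PRK is never exposed, so any KDF with this interface plugs in."""
    def derive(label: bytes, length: int) -> bytes:
        return kdf(shared_secret, VERSION + SUITE_ID + b"secret" + psk,
                   length.to_bytes(2, "big") + VERSION + SUITE_ID + label + ctx, length)
    return {"key": derive(b"key", NK), "base_nonce": derive(b"base_nonce", NN),
            "exporter_secret": derive(b"exp", NH)}


# Constructed inputs standing in for a DHKEM shared secret and application info.
SHARED_SECRET = bytes(range(32))
INFO = b"constructed application info"

if __name__ == "__main__":
    direct = key_schedule_extract_expand(SHARED_SECRET, INFO)
    generic = key_schedule_generic(kdf_hkdf_sha256, SHARED_SECRET, make_context(INFO))
    print("generic block instantiated with HKDF matches the draft's schedule:", direct == generic)
    other = key_schedule_generic(kdf_sp800_108_ctr_hmac_sha256, SHARED_SECRET, make_context(INFO))
    print("SP 800-108 instantiation, key:", other["key"].hex())
```

With the HKDF instantiation the generic schedule reproduces the draft's outputs byte for byte, so the change is one of interface rather than of derived keys; swapping in the SP 800-108 function requires no change to the schedule itself, which is the property the mail asks for. The HKDF primitives are checked against RFC 5869 test case 1 in the test.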

--

A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Crypto Forum RG of the IRTF.

        Title           : Hybrid Public Key Encryption
        Authors         : Richard L. Barnes
                          Karthik Bhargavan
                          Benjamin Lipp
                          Christopher A. Wood
        Filename        : draft-irtf-cfrg-hpke-06.txt
        Pages           : 87
        Date            : 2020-10-23

Abstract:
   This document describes a scheme for hybrid public-key encryption
   (HPKE).  This scheme provides authenticated public key encryption of
   arbitrary-sized plaintexts for a recipient public key.  HPKE works
   for any combination of an asymmetric key encapsulation mechanism
   (KEM), key derivation function (KDF), and authenticated encryption
   with additional data (AEAD) encryption function.  We provide
   instantiations of the scheme using widely-used and efficient
   primitives, such as Elliptic Curve Diffie-Hellman key agreement,
   HKDF, and SHA2.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-irtf-cfrg-hpke/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-irtf-cfrg-hpke-06.html

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-irtf-cfrg-hpke-06


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

