Re: [CFRG] How will Kyber be added to HPKE (9180)?

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 26 November 2022 04:57 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>, "Kampanakis, Panos" <kpanos=40amazon.com@dmarc.ietf.org>
CC: "cfrg@irtf.org" <cfrg@irtf.org>
Date: Sat, 26 Nov 2022 04:55:32 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Hjyzy8QRzyghqP4CxmelFMmwcuU>

Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org> writes:

>I believe if you have an RSA key marked with keyUsage:keyEncipherment then
>you just cheat and sign with it anyway.

That'll only work if you've got a badly-written implementation
*cough*CryptoAPI*cough* that ignores key usages; for anything that does
enforce them it won't work.  It's bad enough having to kludge around this
issue for PKCS #10 without introducing the same problem into CMP.

Peter.
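
The key usage enforcement discussed in this message, as an added example that is not part of the original thread and not taken from any implementation named in it: a check that decodes the DER BIT STRING inside a keyUsage extension and refuses a signing operation for a key marked keyEncipherment only. The function names, the operation labels and the sample byte strings are constructed for illustration.

```python
# Added illustration: all names and sample values here are hypothetical.
KEY_USAGE_NAMES = (  # bit 0 first, as in the X.509 KeyUsage definition
    "digitalSignature", "nonRepudiation", "keyEncipherment",
    "dataEncipherment", "keyAgreement", "keyCertSign",
    "cRLSign", "encipherOnly", "decipherOnly",
)

# Which keyUsage bit each operation needs (labels are assumptions).
REQUIRED_BIT = {"sign": "digitalSignature", "encrypt_key": "keyEncipherment"}


class KeyUsageError(Exception):
    """Raised when a key is asked to do something its certificate forbids."""


def parse_key_usage(ext_value: bytes) -> frozenset:
    """Decode the DER BIT STRING carried as the keyUsage extension value."""
    if len(ext_value) < 3 or ext_value[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = ext_value[1]
    if length >= 0x80 or length != len(ext_value) - 2:
        raise ValueError("unexpected length encoding")
    unused, bits = ext_value[2], ext_value[3:]
    if unused > 7 or not bits:
        raise ValueError("malformed or empty BIT STRING")
    total = len(bits) * 8 - unused
    usages = set()
    for i in range(min(total, len(KEY_USAGE_NAMES))):
        # Bit 0 is the most significant bit of the first content byte.
        if bits[i // 8] & (0x80 >> (i % 8)):
            usages.add(KEY_USAGE_NAMES[i])
    return frozenset(usages)


def check_operation(ext_value, operation: str) -> None:
    """Enforce keyUsage: raise unless the needed bit is asserted.

    ext_value is None when the certificate has no keyUsage extension,
    in which case the key is unrestricted.
    """
    if ext_value is None:
        return
    needed = REQUIRED_BIT[operation]
    usages = parse_key_usage(ext_value)
    if needed not in usages:
        raise KeyUsageError(f"{operation} needs {needed}, key has {sorted(usages)}")


ENC_ONLY = bytes.fromhex("03020520")  # constructed: keyEncipherment only
SIG_ENC = bytes.fromhex("030205a0")   # constructed: digitalSignature + keyEncipherment
```
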