Re: [CFRG] How will Kyber be added to HPKE (9180)?

Mike Ounsworth <Mike.Ounsworth@entrust.com> Sun, 27 November 2022 13:52 UTC

From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, "Kampanakis, Panos" <kpanos@amazon.com>
CC: "cfrg@irtf.org" <cfrg@irtf.org>
Date: Sun, 27 Nov 2022 13:52:06 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/ZURotk9-Ja05T_3FsFLd9UI_fLY>
Subject: Re: [CFRG] How will Kyber be added to HPKE (9180)?

Right, that's the PoP mechanism (RFC 4210 section 4.3). That's fairly straightforward to port to PQ in exactly the way you describe.

I'm asking about the Message Integrity Protection (RFC 4210 section 5.1.3)?

---
Mike Ounsworth

-----Original Message-----
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Sent: November 27, 2022 6:20 AM
To: Mike Ounsworth <Mike.Ounsworth@entrust.com>; Kampanakis, Panos <kpanos@amazon.com>
Cc: cfrg@irtf.org
Subject: [EXTERNAL] Re: [CFRG] How will Kyber be added to HPKE (9180)?

Mike Ounsworth <Mike.Ounsworth@entrust.com> writes:

>If the CMP client doesn't cheat (sign with an RSA encryption key), then
>how do you do message protection (integrity protection /
>authentication) when the client has an RSA encryption key?

POP for encrypt-only keys is done by having the client provide proof it can decrypt the response in the confirmation message.  This isn't possible for PKCS #10 where the only POP mechanism is signing the request.

Peter.
