IETF Logo Mail Archive

Re: [Cfrg] Multi-recipient public key authenticated encryption

Peter Gutmann <pgut001@cs.auckland.ac.nz> Thu, 30 April 2020 08:45 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6A7F3A0BCD for <cfrg@ietfa.amsl.com>; Thu, 30 Apr 2020 01:45:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nA42aanq2Qno for <cfrg@ietfa.amsl.com>; Thu, 30 Apr 2020 01:45:13 -0700 (PDT)
Received: from mx4-int.auckland.ac.nz (mx4-int.auckland.ac.nz [130.216.125.246]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C9BA3A0BCA for <cfrg@irtf.org>; Thu, 30 Apr 2020 01:45:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1588236312; x=1619772312; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=2i43NJ2oHUZRuMXAmWYRjbRwCmBW3s9GU7ezjjINwQ8=; b=wkcrX2J8cwYvxxLicR/38qt534U0PlxPBZf07RVwKlq1fDGztOY+RvIc SeE6lDaqPyK0jYkDj6eEu7pZQ+M76UByNH8U0jsDCobRzYiXtetuCpWmN GogKhrIIV6EsqHcCwoMOSOYrCxKCu4IMRVuPBsL/+RREpuNcwwzLV3CG3 xWoWQjPdS4vjnWAcFm0J+y80FUfQteMsItwHqGjnvaUk/kmRHroXN2yoW +Kxhq8ODu4KtyeUI9ottM6UtaMuY8s+avvoq1U+ylICCDB97QmhB2RP10 +IrFMIIQWMp7gzIEJXK47uyjvpb+J7E0lXey9F6xigNhvP+N5D//NS+Da A==;
X-IronPort-AV: E=Sophos;i="5.73,334,1583146800"; d="scan'208";a="131398863"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 10.6.2.2 - Outgoing - Outgoing
Received: from uxcn13-ogg-a.uoa.auckland.ac.nz ([10.6.2.2]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 30 Apr 2020 20:45:10 +1200
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) by uxcn13-ogg-a.UoA.auckland.ac.nz (10.6.2.2) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 30 Apr 2020 20:45:09 +1200
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.5]) by uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.5]) with mapi id 15.00.1497.006; Thu, 30 Apr 2020 20:45:09 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Neil Madden <neil.e.madden@gmail.com>
CC: CFRG <cfrg@irtf.org>
Thread-Topic: [Cfrg] Multi-recipient public key authenticated encryption
Thread-Index: AQHWHJ3t4hpJnnyQYk+0n57tzwCbNaiQ/H3N//906QCAAOwBKw==
Date: Thu, 30 Apr 2020 08:45:09 +0000
Message-ID: <1588236309761.34848@cs.auckland.ac.nz>
References: <AD42E3BB-8AF2-4FC9-9407-9A8D8D5130B4@gmail.com> <1588215384594.8845@cs.auckland.ac.nz>, <0863E134-5344-4EA0-838F-8C4C2E53BEF3@gmail.com>
In-Reply-To: <0863E134-5344-4EA0-838F-8C4C2E53BEF3@gmail.com>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/rYIoLesykQICKfEIR4pVG2MbqxU>
Subject: Re: [Cfrg] Multi-recipient public key authenticated encryption
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Apr 2020 08:45:15 -0000

Neil Madden <neil.e.madden@gmail.com> writes:

>Firstly, is an encryption scheme that has been standardized by NIST for 14
>years really exotic? Or do you mean hashing the ciphertext for integrity is
>exotic?

Just because someone wrote about it somewhere in the past doesn't make it non-
exotic.  In particular I don't know which specific "one-pass unified model
from SP 800-56A" you're referring to since SP 800-56A is just a long shopping
list of everything anyone at NIST could come up with, but all of them are
pretty exotic and AFAICT unsupported in major crypto libraries.

>When you say to instead use a signed + encrypted message format, do you mean
>a proper signcryption mode or do you just mean a generic composition of
>signatures and encryption? The latter is what JOSE already supports, and I
>could just have defined a way to remove the extra base64-encoding

My question was really trying to find out whether this was an attempt to fix a
real problem or just an excuse to play around with a fancy crypto scheme, and
if what you're referring to is "6.1.1.2  (Cofactor) Full Unified Model, C(2e,
2s, ECC CDH) Scheme", an extraordinarily awkward and painful one to boot.  It
looks like it's the latter.

Peter.

v2.23.0 | Report a Bug | By Email