IETF Logo Mail Archive

Re: [CFRG] HPKE and Key Wrapping

Martin Thomson <mt@lowentropy.net> Wed, 30 March 2022 22:20 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B829A3A0EE3 for <cfrg@ietfa.amsl.com>; Wed, 30 Mar 2022 15:20:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=fDJjCSVW; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=mvHrlIcg
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gNl5FyazXQTZ for <cfrg@ietfa.amsl.com>; Wed, 30 Mar 2022 15:19:57 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2A693A0D63 for <cfrg@irtf.org>; Wed, 30 Mar 2022 15:19:56 -0700 (PDT)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 28B135C0116; Wed, 30 Mar 2022 18:19:56 -0400 (EDT)
Received: from imap41 ([10.202.2.91]) by compute4.internal (MEProxy); Wed, 30 Mar 2022 18:19:56 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=cc:cc:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm2; bh=eCPwGMbU4qGMrjpiEW/yROntASqHpF xUBDRRcUiU6r4=; b=fDJjCSVWqRxfwXEm8RFg783b8+2jvOmlHpUwRC274PWN2C UmguuxWWXG8M8SYA1LgxC0O9S6h07vQ1na0m5DXJnKM+MsMFgVszNlwufsepA/Q8 RCwbNJLxNMcUM53g9R2E0Pr3LgAFXs48JLeZNWMDNg0bZBcyL27nX1NGt2kOTgBf 2n2QhKaI/UmS9qoPDV0SmRg2ojQb65siklrPuoaJLOWsSfNplHRMxItJbqYKL9sh HkAUCpff98gICrsHf5bhJPp0MIOt+vrf8Xi5w4w7K8cIyyUDCbCvTPl1cA3fzu2I 8VTgFzrRVQrNW+1dKrgaZpz5IgiOD9Lsnzo3u4yQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=eCPwGMbU4qGMrjpiE W/yROntASqHpFxUBDRRcUiU6r4=; b=mvHrlIcgxOtsqRFs49R6p7TvcGB/Vln/S nHuIKvZ0uapE/x/JXXoeWRA2pB8EPRaU3Yie+2iTCk6BR9Ueo+UEW8SmwZAUskH3 OiI/+hKTXLOkeqbGcEN0t3L04TAN8Opv/qpPVllmge8I30uj+36mXmSxik9aS72s IVygY+dVDIXbhj890CoeB+Uz8lMnoYSfIIRx8rd7TU/6nkfsZ3qaXUM9COYZqQhx HhNXoD5CUdF1N5Nru+O69OC+Cy/7FvDE8GhdRGSv4neCGwEqMeUl3wcBEHO11xoe WIyxjnz1jj/3a9pFYOykbkrIz+OccbI6rnfwecdHLzqbp9YEO0IFQ==
X-ME-Sender: <xms:i9dEYuPxm8vRh6lrxLc5aFxvVjWnroQre72KySzEDn1g0xQvTz9EiA> <xme:i9dEYs8L8uusWPFosMC1L_Ulb4EHRuSc9iJg_Yh8s1xjfo8WVPG2qRfA872AI4pwA xLRWcSMz51ai6xMk4Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddrudeifedgtdegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvffutgesthdtredtreertdenucfhrhhomhepfdforghr thhinhcuvfhhohhmshhonhdfuceomhhtsehlohifvghnthhrohhphidrnhgvtheqnecugg ftrfgrthhtvghrnhepkeetueeikedtkeelfeekvefhkeffvedvvefgkefgleeugfdvjeej geffieegtdejnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrh homhepmhhtsehlohifvghnthhrohhphidrnhgvth
X-ME-Proxy: <xmx:i9dEYlRZ30igkZoOictWgdCj5kuAIM-eITy5RUa8DfQkcuYxWCF1sw> <xmx:i9dEYuvsrSe2UviwmcEVTvHr9RF-280r-9BV_8ZvmxJvZmQpThxw5g> <xmx:i9dEYmfG0Ja5hvPOepSoGrvAcItb6tllmGacr9kcb8XHJJUJohOfJw> <xmx:jNdEYopJOHVPWHjRB70bBCSsAhQJWVHKh80eoM5gVgXHt3Em3SN7Cw>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id BE2BE3C0465; Wed, 30 Mar 2022 18:19:55 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.5.0-alpha0-4911-g925b585eab-fm-20220323.003-g925b585e
Mime-Version: 1.0
Message-Id: <1717a861-c629-49cf-92ee-d63fc5ac1f91@beta.fastmail.com>
In-Reply-To: <4627F814-4AE0-4E13-ADA3-2C30AF258385@vigilsec.com>
References: <HE1PR0701MB3050AFD941AABAB80D7EC31E891E9@HE1PR0701MB3050.eurprd07.prod.outlook.com> <7c67e7a0-ddaa-4f2e-9a1e-91af4956c0f1@beta.fastmail.com> <4627F814-4AE0-4E13-ADA3-2C30AF258385@vigilsec.com>
Date: Thu, 31 Mar 2022 09:19:35 +1100
From: Martin Thomson <mt@lowentropy.net>
To: Russ Housley <housley@vigilsec.com>
Cc: IRTF CFRG <cfrg@irtf.org>
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/vPa48wYieJfov4Ej6lRkyJEX4l0>
Subject: Re: [CFRG] HPKE and Key Wrapping
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Mar 2022 22:20:02 -0000

On Thu, Mar 31, 2022, at 07:15, Russ Housley wrote:
> If you try to apply HPKE to the COSE or JOSE structures, it just does 
> not quite fit.  However, by using HPKE to deliver a key-encryption key 
> (KEK) to the recipient, the structures fit.  So, it would be really 
> nice to use a Key-Wrap algorithm in HPKE to encrypt the KEK.

I'm not following Russ.  HPKE operates on bytes, which both COSE and JOSE can produce.

v2.23.0 | Report a Bug | By Email