Re: [Cose] Key management for MACs (was Re: Review of draft-schaad-cose-msg-01)

Ilari Liusvaara <ilari.liusvaara@elisanet.fi> Mon, 13 July 2015 17:47 UTC

Date: Mon, 13 Jul 2015 20:47:52 +0300
From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
To: Derek Atkins <derek@ihtfp.com>
Message-ID: <20150713174752.GA22814@LK-Perkele-VII>
References: <CA+k3eCQUPxZfWM9XcKaTLN-WOx2cHEi9SAGSRFTtv71iSCUqdQ@mail.gmail.com> <559576A9.9090002@gmx.net> <BY2PR03MB442C02F758E34B29BBD0CEAF5970@BY2PR03MB442.namprd03.prod.outlook.com> <001001d0b90c$3c874af0$b595e0d0$@augustcellars.com> <00c501d0b9a5$c8f869d0$5ae93d70$@augustcellars.com> <CA+k3eCS-7UK9RDfnkKCLK0ApTdNhSamYY3LL73+e1=rBvz7vDA@mail.gmail.com> <sjmlheo6t1j.fsf@securerf.ihtfp.org> <20150710171118.GA20991@LK-Perkele-VII> <sjm4ml86jte.fsf@securerf.ihtfp.org>
In-Reply-To: <sjm4ml86jte.fsf@securerf.ihtfp.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/0Up1-y3UmN4Zf4Zkicx3NBqgyRo>
Cc: Jim Schaad <ietf@augustcellars.com>, Brian Campbell <bcampbell@pingidentity.com>, Mike Jones <Michael.Jones@microsoft.com>, cose@ietf.org

On Mon, Jul 13, 2015 at 01:36:45PM -0400, Derek Atkins wrote:
> Ilari Liusvaara <ilari.liusvaara@elisanet.fi> writes:
> >
> > It occurs to me that any sort of asymmetric key management with MACs
> > is unsafe, since knowing just public key enables message forgery.
> 
> Pardon?  I don't understand that.  Just knowing your Public Key does not
> mean I can send messages that appear to come from you.  The key used for
> the MAC is the derived shared secret, so I would need to know your
> Private Key as well in order to generate the correct shared secret.

Forgot about static-static DH (which might actually be useful, given
that it can cut down the number of keys asymptotically).

There's also a MAC keyed by a dynamic DH key (one protocol I cooked
up a while back did that). But from the message perspective, it would
be static-static.

But many asymmetric crypto primitives are not useful there, given
that those allow one to agree on or transport a known key, rendering
the MAC pretty much meaningless.


-Ilari
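The distinction Ilari draws above, as an added example that is not part of the thread and not COSE code: a MAC whose key comes from ephemeral-static DH (the sender picks a fresh DH key, so only the recipient's public key is needed) can be produced by anyone who holds that public key, whereas a MAC keyed by static-static DH needs one of the two private keys. The example uses finite-field DH over the RFC 3526 group 14 prime and a small HKDF-SHA256 written inline (both standard-library only), rather than the ECDH and HKDF a COSE implementation would use, and the message layout (peer public value, body, tag) is invented for illustration.

```python
"""Why ES-DH-keyed MACs are forgeable and SS-DH-keyed MACs are not.

Added example, standard library only.  Finite-field DH stands in for the
ECDH a real COSE stack would use; the message shape is hypothetical.
"""
import hashlib
import hmac
import secrets

# RFC 3526 group 14 (2048-bit MODP) prime and generator, copied here;
# verify against the RFC before reusing this constant anywhere real.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2
P_BYTES = (P.bit_length() + 7) // 8


def dh_keypair():
    """Return (private exponent, public value).  256-bit exponents are
    enough for a demo in this group."""
    priv = 2 + secrets.randbelow(1 << 256)
    return priv, pow(G, priv, P)


def dh_shared(own_priv, peer_pub):
    """Raw DH shared secret Z, after rejecting degenerate peer values."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("invalid peer public value")
    return pow(peer_pub, own_priv, P).to_bytes(P_BYTES, "big")


def hkdf_sha256(ikm, info, length=32):
    """HKDF (RFC 5869) with SHA-256 and an all-zero salt."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def mac(key, body):
    return hmac.new(key, body, hashlib.sha256).digest()


def verify(key, body, tag):
    return hmac.compare_digest(mac(key, body), tag)


ES_INFO = b"ES-DH MAC key"   # hypothetical KDF context strings
SS_INFO = b"SS-DH MAC key"


def forge_with_ephemeral_static(recipient_pub, body):
    """Mallory, holding only the recipient's public value, builds a message
    whose MAC the recipient will accept: she picks the ephemeral key, so
    she also knows the MAC key.  Returns the message she sends."""
    eph_priv, eph_pub = dh_keypair()
    key = hkdf_sha256(dh_shared(eph_priv, recipient_pub), ES_INFO)
    return {"peer_pub": eph_pub, "body": body, "tag": mac(key, body)}


def receive_ephemeral_static(recipient_priv, msg):
    key = hkdf_sha256(dh_shared(recipient_priv, msg["peer_pub"]), ES_INFO)
    return verify(key, msg["body"], msg["tag"])


def send_static_static(sender_priv, sender_pub, recipient_pub, body):
    key = hkdf_sha256(dh_shared(sender_priv, recipient_pub), SS_INFO)
    return {"peer_pub": sender_pub, "body": body, "tag": mac(key, body)}


def receive_static_static(recipient_priv, expected_sender_pub, msg):
    """The recipient keys the MAC off the claimed sender's *static* public
    value, so a third party's DH value never yields the same key."""
    if msg["peer_pub"] != expected_sender_pub:
        return False
    key = hkdf_sha256(dh_shared(recipient_priv, expected_sender_pub), SS_INFO)
    return verify(key, msg["body"], msg["tag"])


def run_demo(body=b"pay Mallory 1000"):  # constructed sample body
    alice_priv, alice_pub = dh_keypair()
    bob_priv, bob_pub = dh_keypair()
    # ES-DH: Mallory knows bob_pub only, and Bob accepts her message.
    es_forgery = receive_ephemeral_static(
        bob_priv, forge_with_ephemeral_static(bob_pub, body))
    # SS-DH: Alice's genuine message verifies; Mallory's attempt (an
    # ephemeral key against bob_pub, the best she can do without a
    # private key) is rejected.
    ss_genuine = receive_static_static(
        bob_priv, alice_pub, send_static_static(alice_priv, alice_pub, bob_pub, body))
    mallory_priv, mallory_pub = dh_keypair()
    ss_forgery = receive_static_static(
        bob_priv, alice_pub, send_static_static(mallory_priv, mallory_pub, bob_pub, body))
    return {"es_forgery_verifies": es_forgery,
            "ss_genuine_verifies": ss_genuine,
            "ss_forgery_verifies": ss_forgery}
```

`run_demo()` returns `es_forgery_verifies=True` and `ss_forgery_verifies=False`. Two caveats worth keeping in mind: the same reasoning applies to key transport (RSA-wrapping a MAC key chosen by whoever holds the public key), and a static-static key only proves the message came from one of the two parties, so the recipient can itself produce tags that "come from" the sender.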