[COSE] Encrypted COSE_Key
"Rønningstad, Øyvind" <Oyvind.Ronningstad@nordicsemi.no> Mon, 20 February 2023 12:41 UTC
To: "cose@ietf.org" <cose@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/1_i3-hX_4MSJWHOdm4I4wiFjssA>
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
Hi, I was looking at the spec, trying to find the best way to represent an encrypted key with COSE. So, let's say I want to store or transmit a symmetric key in a COSE_Key structure, but I want the key to be encrypted. In a way, I want key wrapping without the payload.
I could always wrap my COSE_Key in a COSE_Encrypt or COSE_Encrypt0, but that also encrypts the metadata, which makes it more inconvenient to scan a collection of keys to find the correct one to use. Ideally, I'd like to wrap just the Key Value ("k", with label -1) from the COSE_Key in a COSE_Encrypt0 in-place, but the spec doesn't seem to give room for that: "k: This contains the value of the key."
Can I instead use a COSE_recipient or a COSE_Encrypt(0) structure in place of the COSE_Key, and place the different COSE_Key parameters (except k) into the protected header or unprotected header? How should I structure it if so?
What is the recommendation from the COSE WG? Did I miss something in the spec about this?
Best Regards, Øyvind Rønningstad
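The trade-off raised in the message, as an added example that is not part of the original post and is not a COSE WG recommendation: the whole COSE_Key is wrapped in a COSE_Encrypt0, and its kid is repeated in the unprotected header so a collection can be scanned without decrypting. The function names, the choice of A128GCM and the sample keys are assumptions made for this sketch.

```javascript
const crypto = require('crypto');

// Minimal CBOR encoder for just the types used here (ints and lengths < 65536).
function head(major, n) {
  if (n < 24) return Buffer.from([(major << 5) | n]);
  if (n < 256) return Buffer.from([(major << 5) | 24, n]);
  return Buffer.from([(major << 5) | 25, n >> 8, n & 0xff]);
}
function enc(v) {
  if (typeof v === 'number') return v >= 0 ? head(0, v) : head(1, -1 - v);
  if (Buffer.isBuffer(v)) return Buffer.concat([head(2, v.length), v]);
  if (typeof v === 'string') return Buffer.concat([head(3, Buffer.byteLength(v)), Buffer.from(v)]);
  if (Array.isArray(v)) return Buffer.concat([head(4, v.length), ...v.map(enc)]);
  return Buffer.concat([head(5, v.size), ...[...v].flatMap(([k, x]) => [enc(k), enc(x)])]); // Map
}

// COSE_Key: kty (1) = Symmetric (4), kid (2), k (-1)
const coseKey = (kid, k) => enc(new Map([[1, 4], [2, kid], [-1, k]]));
const PROT = enc(new Map([[1, 1]]));                    // protected header: alg (1) = A128GCM (1)
const encStructure = prot => enc(['Encrypt0', prot, Buffer.alloc(0)]); // AAD, empty external_aad

// Hypothetical helper: encrypt the full COSE_Key, expose only kid (4) and IV (5).
function wrapKey(kek, iv, kid, k) {
  const c = crypto.createCipheriv('aes-128-gcm', kek, iv);
  c.setAAD(encStructure(PROT));
  const ct = Buffer.concat([c.update(coseKey(kid, k)), c.final(), c.getAuthTag()]);
  return { prot: PROT, unprot: new Map([[4, kid], [5, iv]]), ct };
}
// Returns the decrypted COSE_Key bytes; throws if the KEK or ciphertext is wrong.
function unwrapKey(kek, e) {
  const d = crypto.createDecipheriv('aes-128-gcm', kek, e.unprot.get(5));
  d.setAAD(encStructure(e.prot));
  d.setAuthTag(e.ct.subarray(-16));
  return Buffer.concat([d.update(e.ct.subarray(0, -16)), d.final()]);
}
// Wire form: CBOR tag 16 (COSE_Encrypt0) around [protected, unprotected, ciphertext].
const serialize = e => Buffer.concat([Buffer.from([0xd0]), enc([e.prot, e.unprot, e.ct])]);
// Scan the collection by the cleartext kid; no decryption needed.
const findByKid = (store, kid) => store.find(e => e.unprot.get(4).equals(kid));

// Constructed sample data: fixed KEK and IVs for repeatability only.
// In real use every IV must be unique for a given KEK.
const KEK = Buffer.alloc(16, 0x11);
const store = ['key-1', 'key-2'].map((id, i) =>
  wrapKey(KEK, Buffer.alloc(12, i + 1), Buffer.from(id), Buffer.alloc(16, 0xa0 + i)));
```

The kid in the unprotected header is outside the Enc_structure, so it is only a lookup hint; the kid inside the decrypted COSE_Key is the one covered by the AEAD tag.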