Re: [COSE] Authentication tag
Jim Schaad <ietf@augustcellars.com> Fri, 17 March 2017 17:27 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B326129515 for <cose@ietfa.amsl.com>; Fri, 17 Mar 2017 10:27:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1E0eGd7O7oWK for <cose@ietfa.amsl.com>; Fri, 17 Mar 2017 10:27:44 -0700 (PDT)
Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 607E71294D7 for <cose@ietf.org>; Fri, 17 Mar 2017 10:27:44 -0700 (PDT)
Content-Type: multipart/alternative; boundary="----=_NextPart_000_00F8_01D29F09.161AE8B0"
Content-Language: en-us
DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1489771653; h=from:subject:to:date:message-id; bh=d5CAQdMxeKVC5yllzRc+gHJ20nzj8UDfgGBy2JDgzlg=; b=JvIjb+saFD04eKnJxN2aXiSs0lQcdHzGwc8UUYpUcWt4fv0Fbu2++XDDU3q28ATtcmA8EOgWMi2 cc8O+WsKNtFrUbsG6bsHjDW31auDmm4TQfsNhnr3XBIhbzWZ923qeYXrSehi3DMDAROU4pJEgdZ4K duRRsnTc3UZj5vsHKDM7+R72wAeiV5vwu+leU5A4pTXQMAEqbA0SxogfgNgsXLuX5YeYcfVbaYaTX 0htxOl4SD6TcZNgp1DtUiPReBbb3/cfij3JTI4umu9jcdyYHEpH+iuJuc1UmBTh2V7dEhvBv62jXP X8ikiv0WHS1zGZyPJR1N3/4VBArLKRNjXpTg==
Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Fri, 17 Mar 2017 10:27:32 -0700
Received: from hebrews (192.168.0.98) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Fri, 17 Mar 2017 10:25:15 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: 'Samuel Erdtman' <samuel@erdtman.se>, 'cose' <cose@ietf.org>
References: <CAF2hCbYALonNaZ6BrmEhYosCrNsJqLmHs3YMupjOCeRxav2X9A@mail.gmail.com>
In-Reply-To: <CAF2hCbYALonNaZ6BrmEhYosCrNsJqLmHs3YMupjOCeRxav2X9A@mail.gmail.com>
Date: Fri, 17 Mar 2017 10:27:29 -0700
Message-ID: <00f701d29f43$c278fd60$476af820$@augustcellars.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQHJyY/ZCPv2uIyenJalNKBf3teWxKGq9E1g
X-Originating-IP: [192.168.0.98]
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/4O6RHvhXhuVQ-gL4Mp0JzpONo5A>
Subject: Re: [COSE] Authentication tag
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Mar 2017 17:27:46 -0000
>From Section 10: COSE restricts the set of legal content encryption algorithms to those that support authentication both of the content and additional data. The encryption process will generate some type of authentication value, but that value may be either explicit or implicit in terms of the algorithm definition. For simplicity sake, the authentication code will normally be defined as being appended to the cipher text stream. The encryption functions are: From: Samuel Erdtman [mailto:samuel@erdtman.se] Sent: Friday, March 17, 2017 9:50 AM To: cose <cose@ietf.org>; Jim Schaad <ietf@augustcellars.com> Subject: Authentication tag Hi I´m working on a JavaScript implementation of the COSE msg specification, currently working on the GCM encryption. In the nodejs crypto environment the authentication tag is set separately i.e. a specific setAuthTag call. I looked into openssl and could see that that was the case there too. In the examples provided with the COSE specification I could find out that the auth tag is appends to the end of the ciphertext. I tried to find this described in the COSE specification but could not find it. It might be described in some refereed specification but it was not obvious to me at least. If it is not to late I would suggest that authentication tag is lifted out from the ciphertext and into the unprotected header similar to IV. Or that it is explicitly described that the authentication tag should be appended to the ciphertext. Cheers Samuel Erdtman
- [COSE] Authentication tag Samuel Erdtman
- Re: [COSE] Authentication tag Ilari Liusvaara
- Re: [COSE] Authentication tag Jim Schaad
- Re: [COSE] Authentication tag Samuel Erdtman
- Re: [COSE] Authentication tag Ilari Liusvaara
- Re: [COSE] Authentication tag Jim Schaad
- Re: [COSE] Authentication tag Samuel Erdtman
- Re: [COSE] Authentication tag Samuel Erdtman
- Re: [COSE] Authentication tag Justin Richer
- Re: [COSE] Authentication tag Renzo Navas