[COSE] Authentication tag
Samuel Erdtman <samuel@erdtman.se> Fri, 17 March 2017 16:50 UTC
Return-Path: <samuel@erdtman.se>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AB0A1294A5 for <cose@ietfa.amsl.com>; Fri, 17 Mar 2017 09:50:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=erdtman-se.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jEbJjjqfprxt for <cose@ietfa.amsl.com>; Fri, 17 Mar 2017 09:50:02 -0700 (PDT)
Received: from mail-ot0-x235.google.com (mail-ot0-x235.google.com [IPv6:2607:f8b0:4003:c0f::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A17301201F2 for <cose@ietf.org>; Fri, 17 Mar 2017 09:50:02 -0700 (PDT)
Received: by mail-ot0-x235.google.com with SMTP id a12so28077863ota.0 for <cose@ietf.org>; Fri, 17 Mar 2017 09:50:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=erdtman-se.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=Y+exmChdXkBWXMrb9W85yWrlPlC8ixDn7juHUouUa1U=; b=njlrrQb0/GpM+UUZvYxLNycbjduLt0QyBBPWwMq3jVe9Coa4u9ww+7GcxGuLItahZ8 sas/2NZz30ktCX+RUUqBqequwYjspAKt8HQ/3ZqueDb+kS54WglALFgEaIL5cix77mSS 1H+eDRaH6XtRnxUr24AH11YM9+TD5UCPzIizBykSWnKrQtWRvp8u4xE2tVAd4FHyIgWt Y7QV5zn4Axv04FESFJcaIds/yciGGGIK2VS+CvB4Yx8QkU9n3li5E+ej72EKOorPQS61 BkTe0FLeFwwa5yBM1KcCqogom0UMEmFeXDLZ9CysRSxggtwlfoBdnoZFxyRhRza0qoyd YbHg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=Y+exmChdXkBWXMrb9W85yWrlPlC8ixDn7juHUouUa1U=; b=EzUIXP1tfhpE9JZ5Of7DxIxzW2vcoG/tCSNqQYXwpYvbyBBkv0x9iHfnZggNUbMtSk KoGoG4UQjGtaP0Isaw/MExPh7iyOwnOuXeLaVNHSuQ5WfFiQBPZ6W2M/az/4J7KCh64J VveG7aC5LX+jCCQDRiR74rEVlaRSMF1aBQHXH/mSgp3hs+/OhWAdW3w/09XdrAGUL2Nf fcLDiTiyhBsM0H6vTcQrkeW95ofY53UQUJo30S0F272g93ZftI0jbPDCTcca8ba/TpGT Zz9lnClDVFCMBYv64OKuy5I0l2pmqvqPqJ/ToOw57ZDzwC1C6RQ0BrVst/dSyDWmFFbZ QrEg==
X-Gm-Message-State: AFeK/H1jlLtXdcrmrRbfW0Q/rT77PSkF+r2jGv1FJfr8VsTQjEqM1qMk1DzOFtndc0ApNRbAwOcHvSbt3k+QSA==
X-Received: by 10.157.51.50 with SMTP id f47mr8901662otc.192.1489769401679; Fri, 17 Mar 2017 09:50:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.182.125.40 with HTTP; Fri, 17 Mar 2017 09:50:01 -0700 (PDT)
From: Samuel Erdtman <samuel@erdtman.se>
Date: Fri, 17 Mar 2017 17:50:01 +0100
Message-ID: <CAF2hCbYALonNaZ6BrmEhYosCrNsJqLmHs3YMupjOCeRxav2X9A@mail.gmail.com>
To: cose <cose@ietf.org>, Jim Schaad <ietf@augustcellars.com>
Content-Type: multipart/alternative; boundary="001a113ef86cfc16c6054aeff73d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/7FeAMddbzqJMTS-m7swfuLVqsBE>
Subject: [COSE] Authentication tag
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Mar 2017 16:50:04 -0000
Hi I´m working on a JavaScript implementation of the COSE msg specification, currently working on the GCM encryption. In the nodejs crypto environment the authentication tag is set separately i.e. a specific setAuthTag call. I looked into openssl and could see that that was the case there too. In the examples provided with the COSE specification I could find out that the auth tag is appends to the end of the ciphertext. I tried to find this described in the COSE specification but could not find it. It might be described in some refereed specification but it was not obvious to me at least. If it is not to late I would suggest that authentication tag is lifted out from the ciphertext and into the unprotected header similar to IV. Or that it is explicitly described that the authentication tag should be appended to the ciphertext. Cheers Samuel Erdtman
- [COSE] Authentication tag Samuel Erdtman
- Re: [COSE] Authentication tag Ilari Liusvaara
- Re: [COSE] Authentication tag Jim Schaad
- Re: [COSE] Authentication tag Samuel Erdtman
- Re: [COSE] Authentication tag Ilari Liusvaara
- Re: [COSE] Authentication tag Jim Schaad
- Re: [COSE] Authentication tag Samuel Erdtman
- Re: [COSE] Authentication tag Samuel Erdtman
- Re: [COSE] Authentication tag Justin Richer
- Re: [COSE] Authentication tag Renzo Navas