IETF Logo Mail Archive

Re: [COSE] Multicast Use Case

"Kumar, Sandeep" <sandeep.kumar@philips.com> Mon, 31 August 2015 22:32 UTC

Return-Path: <sandeep.kumar@philips.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 040F41B680F for <cose@ietfa.amsl.com>; Mon, 31 Aug 2015 15:32:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.3
X-Spam-Level:
X-Spam-Status: No, score=-1.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, J_CHICKENPOX_42=0.6, SPF_HELO_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S4lbk5T_s4Jh for <cose@ietfa.amsl.com>; Mon, 31 Aug 2015 15:32:02 -0700 (PDT)
Received: from emea01-am1-obe.outbound.protection.outlook.com (mail-am1on0786.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe00::786]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C59101B680A for <cose@ietf.org>; Mon, 31 Aug 2015 15:32:01 -0700 (PDT)
Received: from AM3PR04CA0121.eurprd04.prod.outlook.com (10.163.180.175) by AM3PR04MB258.eurprd04.prod.outlook.com (10.242.17.141) with Microsoft SMTP Server (TLS) id 15.1.256.15; Mon, 31 Aug 2015 22:31:37 +0000
Received: from AM1FFO11FD006.protection.gbl (2a01:111:f400:7e00::130) by AM3PR04CA0121.outlook.office365.com (2a01:111:e400:5366::47) with Microsoft SMTP Server (TLS) id 15.1.256.15 via Frontend Transport; Mon, 31 Aug 2015 22:31:37 +0000
Authentication-Results: spf=none (sender IP is 23.103.247.180) smtp.mailfrom=philips.com; augustcellars.com; dkim=none (message not signed) header.d=none;augustcellars.com; dmarc=none action=none header.from=philips.com;
Received-SPF: None (protection.outlook.com: philips.com does not designate permitted sender hosts)
Received: from 011-smtp-out.Philips.com (23.103.247.180) by AM1FFO11FD006.mail.protection.outlook.com (10.174.64.68) with Microsoft SMTP Server (TLS) id 15.1.256.10 via Frontend Transport; Mon, 31 Aug 2015 22:31:37 +0000
Received: from DB5PR9001MB0167.MGDPHG.emi.philips.com (141.251.190.211) by DB5PR9001MB0166.MGDPHG.emi.philips.com (141.251.190.210) with Microsoft SMTP Server (TLS) id 15.1.243.23; Mon, 31 Aug 2015 22:31:37 +0000
Received: from DB5PR9001MB0167.MGDPHG.emi.philips.com ([141.251.190.211]) by DB5PR9001MB0167.MGDPHG.emi.philips.com ([141.251.190.211]) with mapi id 15.01.0243.024; Mon, 31 Aug 2015 22:31:37 +0000
From: "Kumar, Sandeep" <sandeep.kumar@philips.com>
To: Jim Schaad <ietf@augustcellars.com>, 'Sandeep Kumar' <ietf@sandeep.de>
Thread-Topic: [COSE] Multicast Use Case
Thread-Index: AQHQ5DQI0HQqxwYTMEKmIHqCQn83rZ4mqBSAgAAGOWA=
Date: Mon, 31 Aug 2015 22:31:37 +0000
Message-ID: <8e663e2255cb42a196b444884e8abd99@DB5PR9001MB0167.MGDPHG.emi.philips.com>
References: <55E400AC.7090507@gmx.net> <064c01d0e428$047d2700$0d777500$@augustcellars.com> <CAH51uSc2a4V2eccdVSSYxDN+KL1A0ohnXQheegUXoZxQTsd3kA@mail.gmail.com> <068701d0e438$3fe18470$bfa48d50$@augustcellars.com>
In-Reply-To: <068701d0e438$3fe18470$bfa48d50$@augustcellars.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [85.150.192.178]
Content-Type: multipart/alternative; boundary="_000_8e663e2255cb42a196b444884e8abd99DB5PR9001MB0167MGDPHGem_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Microsoft-Exchange-Diagnostics: 1; AM1FFO11FD006; 1:NH68CS9Zzi2+/Ha5GN8phvWMoTKus8Xa9Lmc6pS1PLbQaXNWTvZSHwDbh09CQicgw2YeRZbiNA6t608OwTK2Y00LxuhqRRZqvnmMpTdNYmVpMS45Ww4shjW4vbfLx+5AQRY533fh4t3nsGFGbycEcE1huL3II/PmCXAaFmApQaOJEVUGCjjjAvuJ97t3+pwqJrlvJ5W2DJPTMYvQPdy3Nk2Cm/d5o76KzEtlrsafbkHezea4MmWG3rH0eYfFEKBhVYe9PiLDLXtaHfKx7DZV3YLUynwy6ptTfC/fxA/wRHbs+ry1t1AAreGhv8+skxIYQSXSJdYWj/D9Hwh0hs0etxBztJWeTpfIyzCUUCyeYOM=
X-Forefront-Antispam-Report: CIP:23.103.247.180; CTRY:; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(2980300002)(428002)(199003)(377454003)(13464003)(24454002)(189002)(85714005)(55904004)(374574003)(51444003)(5001860100001)(101416001)(97736004)(14971765001)(4001540100001)(69596002)(106116001)(81156007)(24736003)(10400500002)(76176999)(5001960100002)(5001830100001)(16236675004)(105586002)(54356999)(16601075003)(84326002)(106466001)(18717965001)(50986999)(62966003)(16796002)(2656002)(87936001)(189998001)(64706001)(19300405004)(86362001)(16297215004)(19625215002)(512874002)(19580395003)(66066001)(46102003)(92566002)(5001770100001)(5007970100001)(77156002)(15975445007)(19617315012)(5004730100002)(93886004)(33646002)(5003600100002)(68736005)(2900100001)(2950100001)(108616004)(102836002)(19580405001)(6806004)(567094001); DIR:OUT; SFP:1102; SCL:1; SRVR:AM3PR04MB258; H:011-smtp-out.Philips.com; FPR:; SPF:None; PTR:InfoDomainNonexistent; A:1; MX:1; LANG:en;
X-Microsoft-Exchange-Diagnostics: 1; AM3PR04MB258; 2:/mYzu6g/5idvEhc5YQ0FqP6oUQ2cg9RLH5xRn4vfvrnSS1UX41QT0iudoncNUl8MyKKwiJCPleuFBMiN+cUIFqGFTJzfgQnL/jNKzOC3436bxGC6x22NynepmmqPccr64QgPB7guXB7hsRCKi2X/iHA1u8z01kVkKypAHAQpGaI=; 3:bEXnO7207ZWfPO2jnY+lTuMW+1uQSJDpYygwSf1L3NHtgl6TYGrOt/i2lPPrQbiH8Z5rsNNFntmECx3Z36F2xYILFtyHGyp6qggjKb6Uain31/gMhL1/WpL/Q5gLMqRlsLCGerwksYHn7upMt0DM0Bg7fpm/Dp0a5wixKTolWzy/yBhJJ3dWsZ+6TXx3AJejf+3vdxextgkukzp9w584isozlxWeIqQV7tWvChfYt2g=; 25:5EARgzgDSUdfIOQ9l2/wrh6xB6c0czmYc8M+Po1rG2SVvd2ak3Do9p1KH2MYVH8GRLl9wvU7b0x+QRxuLbvkjDlrHzDm2XWRo2QW7TrJS4WfpXrhlF6CBlLEvc7qBDL1WdPKzePeEZoVx9FJnxbZnsOzTLCQ2+Sijt6PjjYAA54BvbhFYSYnpmOxgbht6t1tCQ1CYOzm1cE8wCwoICLWOriMiQSCqBF36PKeKBoZJn8aBGM0zCiBiVL6SW0nhWSK/NM8InHSevT9OC02psgBGA==
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AM3PR04MB258;
X-Microsoft-Exchange-Diagnostics: 1; AM3PR04MB258; 20:izu1IhkI3NWScQujVzoSZJvXJZipy0mzC8ClWbkqnQBbt4KFOpaREUrNgzpAUYGDKhd0h2vCy6z1SKxJ9SjqyGSgp3r7PVB8+K3wbvZyppB+r30K7acD7Pfzni7cXZZDHCKKjPLahotQ1C450IbimntTolIulxE7bA0torurZb8Z/GeQFPrxFZjg/Be4CB/4SzYTPrA+P7Q7QenunU0meMQsx5ywboRTF5woytnzh+JMgMknsWQJJ98bAF90Gr+FhlObZ6skPnE3phc0ic5WyI03y7n1eK67I9QHQSMiUa0RhjA+HzOMW9GvdHuqWmot0T3zyAXpYYqvYihMg5vf0BQyz1aV+rpnhT6Q9eTmm9Bf7h/amdBzpxku4YAbkzHHEj6Yiqrtsk1Em6euB9Po1r3EESsfcJr7tvxET+fk39LePEI4HiqZ812Sn+KDTLpQr0goUgZeH6WLCCobOAYNKdNJn/keW5wml197Q4ryx6tL1dUQTCect3xX0gsCJ2Ss; 4:z9pdyUraMkjhGeSZ3427Fkn6O2aU1bxrVtyEqN0XZZI6Dh3rib1/R/sUGod3xqSJZEk2PDa261+s70xPAUlFVYgek2jE2M0oA2zI92YafkIfFq5k1aI6qmnjlD5PuopmjkT/CxwaeeaV859mwcQkDLa8IxIOBH1gRNY/C2hiZnObY04Jlf6OGJ/18/DxXclO+vUlDNVze7GS+UZFRAN5XZw0HCyF/JtcPXpk9zLUPGz+zgfwwxpsipKDSQgdX34RwF2wtXQN+ysDuWLz//3/5eVpZ5khSGr+rq+SOw0POT7AsaK3KfyrwG1YKKmetHXv
X-Microsoft-Antispam-PRVS: <AM3PR04MB258191DF477FE2F3E6A04A4E46B0@AM3PR04MB258.eurprd04.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(108003899814671);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(8121501046)(5005006)(3002001); SRVR:AM3PR04MB258; BCL:0; PCL:0; RULEID:; SRVR:AM3PR04MB258;
X-Forefront-PRVS: 0685122203
X-Microsoft-Exchange-Diagnostics: 1; AM3PR04MB258; 23:+Y6/zB8dNX3Muu0+n80qESjVoXcywVTIpUNJKcWeESGmT7zHr7G5mYAYT2OQ7Bs3LDIjBO/TtohnbZL9tPH+vHfwmWJOj+R0GgEpRAm9InqP/0MQcg8phPhkbBWDRh8pCHEJ8EPScp0RaXkRiqi1UJH2b36Azw1BYh8qq8D+00cmqoAazQbFbfBTghNqW1WauG+D9/wnJc9EcLAOhqNdS9Deifj2AYwjDhRJZ4QiyHoTp+RR6jx9dBWRqZnq/KIvHqHeXIeBFZ6b4umJO9hzZWuhla2uJcMFztHujuZJNcKUXCKswOHcK/z61/E5myWdVt4NTHO56eY0PySig08vzkjMa756npxhczGADMNl5kG+ODPOJfWVMGuACbPB9Xo1v4j3Iyv26+qqKVfC7roDyPMGlBI1bI38vzQsMXQuI/N3hZFysD1TU4EiVL6pRfv+lZ2C2Vp9tjrpreD+RSU3aX34RoVeEgSLypwwiSK+2DyjwNi3Fdc5EhDz0JqXKIL4jSZixz9Bp4fE6NzM1a44t7o0+mw7aaQIyVFisC1Ko3zwxaC0SV34rbmj1Nx3m4h/pmmRqABOq8jbg+0sYIRNI7xPuDT/waW9IQFb0pUAppt9kfETtCqfQhEFDK9dpJu9WNyAUcvpivIiUbMlS4Dp0EgkbCi0sx9W7czGiuM/zHHs7iBlhVE3daFvxEomBs7JVptj4s9gSQxAwu3pSJooRXJaE3Ud+hPu/oPbsnm42ADUvzRwA9G2DvVpskJlsMDhWnz7FRLBHuiH6kcmr0C5SI5gG7OSnx6uu3bdiHUTTJO4LZTGdkGstDhscdTU3Co4HjOkBZh3vGwagBYjZumMO7hvt8ZSwaTkl/NM0ZAanHv10V45D818FHJQkEe+SROQumeG16/++FiABFtcgnxjSu//Rq/ctPWbMnAiz/lLUOLN/cdYp9SspBf9KCBUYcREMEU54AofQCFG1hpGZXSTklxgZRn73XDhzHBj2bSVoT/fwUF9aIYuRs74h9A3dIBJOaz7AIVqWsS7H0ngqXmt+o7LgPCk93aP65o5dfYq+J8J9GF9O3hhYSeftpC4cdwcNVM1K1t6WEsQVJqYl7vOUIyNlhxSq/YGqBXZcqTtkfFc+OUwVRCUBw1jMTGPW01yh5tpXfZw5oZyPcpYwFeG+T5OUGW+nLlCLqrA/JEZCL3l6wbL9N2REoY+nOUyK9bAUiMvsW0BtGNeXMp4lgi6oMwsZEtAM0gHSKJL0b7e9MkOGbqOjAuYlO8Sym9YbMPTkuyhLoPPNHDD1U/fegDn2HVNs4WPsJqYNM/HqoArrNFX1Iaxs8c1Z1E2NnQdRB5Z49q+Ikv4qmVKoY5f0k3tu6V9xPk02eOgIXlwQw2xEnA7uAinRWdN45Owy3PQfMhQ90L6kJuzXxUjE1e1VeE46Aob+RrFclbjyQtR5/utKdz09g7kKuM13gy6PMJvsWqTNvAq5ILK5Qs0bmBFNxIL7bXWB2Ptp+zeGlEKEfATMlpwhyZeXyMbNSpJ4jD+WyXTAh6aoFQ85brohsvpaQbNMHSA5/krhhAgodQm3e1reJmTspg3tyHOICFwCS6rLskc0sUCiu+tGcVpR3cJP5sx1WLBgC5J9tzbPAqwoyPId6yVdNGjownmHTRuscZo7v1XvlhR9jPvbf5P/9yroPao2ZsMUvGX0L/jkLOB9t/dw78=
X-Microsoft-Exchange-Diagnostics: 1; AM3PR04MB258; 5:CGDIa9dbmBUIIq2WsixoFmcIYd00thXew7ooc3SnbIjHsKGyKa7Ieu8a4dDwfaoTT8iAFsExAtASfoHKOaw1FSzPrBaPZ3rjNQ9T0QeIHgQegaEpYfjAnztjbddFEyUn4p46U5I0qYEodUvSBnTs2Q==; 24:NxWJvxAQmOIwaN9XPAuZ+3W3CGwuy/zEnD1M3kY8ULQTcqCjLTBamaqyT4gzFS6IvpX0swVDWUYgXdDrGHdjRBACo65+RhXHDiscIUuejb8=; 20:ydT8LeqvRR7oFIgXzc/3zOXl2541n2kT5AfRV4TLyn3/V0khwyvwgr944sIASDxxVI3f5tart2FbTKKZeG2dCw==
SpamDiagnosticOutput: 1:23
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: philips.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Aug 2015 22:31:37.3683 (UTC)
X-MS-Exchange-CrossTenant-Id: 1a407a2d-7675-4d17-8692-b3ac285306e4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=1a407a2d-7675-4d17-8692-b3ac285306e4; Ip=[23.103.247.180]; Helo=[011-smtp-out.Philips.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM3PR04MB258
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/7Od_Ccwb7GFT14CVy6hXlFIOAKc>
Cc: 'Hannes Tschofenig' <hannes.tschofenig@gmx.net>, 'cose WG' <cose@ietf.org>
Subject: Re: [COSE] Multicast Use Case
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Aug 2015 22:32:07 -0000

The keoh draft would be applicable here for comparison.

The overlap is in sense of additional code to enable secure multicast if DTLS is already present for unicast. Yes alerts and handshake from unicast are not used in the multicast (but DTLS unicast can be used to do the key updates for multicast).

I think you are misreading the TLSPlainText, TLSCompressed, TLSCiphertext. They are not wrappers in the sense that each one is embedded inside another. They are just structs to indicate the present status of the processing, only the length and the opaque fragment  gets modified at each stage while the content type and version are copied to the next struct. See how TLSCompressed is constructed from TLSPlaintext in 6.2.2 in RFC 5246 (TLSCompressed.fragment is the compressed form of TLSPlaintext.fragment and not TLSPlaintext). There are no additional wraps/layers inside if you look closely.

Regards
Sandeep

From: COSE [mailto:cose-bounces@ietf.org] On Behalf Of Jim Schaad
Sent: Monday, August 31, 2015 11:59 PM
To: 'Sandeep Kumar'
Cc: 'Hannes Tschofenig'; 'cose WG'
Subject: Re: [COSE] Multicast Use Case

I did not find the keoh draft because it expired at the beginning of July.   Which is the draft that I should be looking at?

I could easily be wrong about the code reuse.   On the other hand I don’t know what the levels are that are being re-used from TLS, so it can easily be that I have misunderstood what is going on.  On the other hand, I am not seeing a great deal of overlap with what I think of as DTLS.    I think there is a difference between being able to  re-use some small pieces of a DTLS system and saying that it is easily adaptable from a DTLS system.

Do you use the three layer wrapping of DTLS: TLSPlainText, TLSCompressed, TLSCiphertext?  I assume that you do not use the handshaking.  I don’t think you have any of the fatal error conditions.  I don’t know if this is a unidirectional cast that people cannot raise fatal alerts from.   I assume that you don’t do the change-cipher, but that is going away in 1.3 anyway so it is not a big deal.

jim


From: Sandeep Kumar [mailto:ietf@sandeep.de]
Sent: Monday, August 31, 2015 2:28 PM
To: Jim Schaad <ietf@augustcellars.com<mailto:ietf@augustcellars.com>>
Cc: Hannes Tschofenig <hannes.tschofenig@gmx.net<mailto:hannes.tschofenig@gmx.net>>; cose WG <cose@ietf.org<mailto:cose@ietf.org>>
Subject: Re: [COSE] Multicast Use Case

Hi Jim
You seem to be referring to an alternative version of the draft than Hannes used. The draft Hannes used draft-keoh-dice-multicast-security-08 uses SenderID to separate the nonce, while draft-kumar-dice-multicast-security derives new keys per sender (based on a single key and SenderID). the change was due to a difference is preference in my co-author but should not change the overhead.
Finally I disagree on your assessment on code reuse, it had been implemented with minimal changes needed to an existing IoT DTLS library.
regards
Sandeep

On Mon, Aug 31, 2015 at 10:02 PM, Jim Schaad <ietf@augustcellars.com<mailto:ietf@augustcellars.com>> wrote:
Hannes,

I think that characterizing draft-kumar-dice-multicast-security as some type of DTLS may be a huge misnomer.  On first read it is not matching a great deal of what I think of as being TLS/DTLS.   For example, all of the record layering that is present in DTLS does not appear to be here, and I would assume that none of the starting handshaking is going to be present here.

Looking at the figure 2 in that document appears to have an overhead of 13 bytes, but I am not seeing the sender ID that you are talking about so I am unsure that your analysis of the sizes is going to be correct for this.  It is definitely not true if the multiple layering of TLS is going to be used.

I am having a hard time with the example you gave, I put it into cbor.me<http://cbor.me> (after removing comments) and it generated a syntax error.  After generating it on my own, I came up with:

[
     2,  // encrypted message
     h'a2010a0547089f52fa000000', //  Protected headers
        //  {1: 10, - algorithm AES-CCM-16-64-128
               //   5: h'089f52fa000000' - nonce of 7 bytes}
     {     },  // Unprotected headers (none)
     h'7b9dcfa42c4e1d3182c402dc18ef8b5637de4fb62cf1dd156ea6e6e0', // encrypted message + authentication tag
     [
       [
         h'',  // Protected header - none
         { //  Unprotected headers
           1: -6,  // Algorithm direct
           4: h'01' // sender ID
         },
         h'' // No cipher text
       ]
     ]
   ]

Which maps to 56 bytes with a 28 byte message, using my best guess from what you are saying you get a 42 byte message with you "DTLS" message.  The current difference in overhead thus being 14 bytes rather than the 19 bytes you have below.   I expect that this difference will decrease as time goes by.  We have a proposals on the table which would reduce the size of the COSE message for handling of single recipient messages, but it is not clear which, if any, are going to be incorporated into the document.  Part of this is a question of what the implementation sizes are going to be.

Although the kumar document says that there should be significant code reuse between it and DTLS, I am not sure that I would agree with this.  It seems to be that it is just reusing small portions but it would be a significant re-write and would need to  have a corresponding complete security review.

Jim



> -----Original Message-----
> From: COSE [mailto:cose-bounces@ietf.org<mailto:cose-bounces@ietf.org>] On Behalf Of Hannes Tschofenig
> Sent: Monday, August 31, 2015 12:22 AM
> To: cose@ietf.org<mailto:cose@ietf.org>
> Subject: [COSE] Multicast Use Case
>
> Hi Jim, Brian, all,
>
> I am trying to compare the work on multicast security done by Sandeed & co
> against an application layer solution using CBOR/COSE.
>
> The DTLS multicast includes the following relevant components:
> - Epoch: 2 Byte
> - Sender ID: 1 Byte
> - Sequence Number: 5 Byte
>
> The combination of epoch, sender id and sequence number are used as a nonce
> for the cipher and the use of the sender id ensures that no member of the group
> accidentally selects values that will cause re-use.
>
> The 1 byte sender id is chosen small to reflect the expected size of a group in the
> professional lighting environment, as explained in the DTLS multicast document.
>
> Ciphersuite related information includes:
> - Encrypted Content (variable length)
> - MAC (variable length)
>
> Content Type, Version and Length are DTLS-specific aspects that cannot be
> removed without re-design of the record layer.
>
> Data based on Figure 4 of
> http://tools.ietf.org/html/draft-keoh-dice-multicast-security-08.txt.
>
> Since there is no sequence number defined in COSE I put the epoch and the
> sequence number together into the nonce field.
>
> Here is the commented version of the COSE message I came up with:
>
> [
>      2, // Encrypted COSE message
>      {
>        1: 10, // Algorithm - AES-CCM-16-64-128
>        5: h'89f52fa' // 7-byte nonce
>      },
>      h'7b9dcfa42c4e1d3182c402dc18ef8b5637de4fb62cf1dd156ea6e6e0',
>       // encrypted payload.
>      [
>        [
>          h'',
>          {
>            1: -6, // Direct use of CEK
>            4: h'01' // Key ID - 0x01
>          },
>          h''
>        ]
>      ]
>    ]
>
> According to cbor.me<http://cbor.me> the resulting COSE encoding has 59 bytes whereby 28
> bytes are purely used for message encryption.  This means that there is
> 31 bytes overhead with COSE compared to 12 bytes [= 8 for Epoch + Sequence
> Number + Sender ID, 3 bytes for Content Type and Version fields].
>
> Ciao
> Hannes
_______________________________________________
COSE mailing list
COSE@ietf.org<mailto:COSE@ietf.org>
https://www.ietf.org/mailman/listinfo/cose


________________________________
The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.

v2.23.0 | Report a Bug | By Email