IETF Logo Mail Archive

Re: [COSE] COSE_Key for HPKE encapsulated key

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Thu, 29 September 2022 12:07 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 765A6C1524D1 for <cose@ietfa.amsl.com>; Thu, 29 Sep 2022 05:07:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.908
X-Spam-Level:
X-Spam-Status: No, score=-6.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=esNgoH+8; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=esNgoH+8
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Gh2EWFlfSZ2 for <cose@ietfa.amsl.com>; Thu, 29 Sep 2022 05:07:45 -0700 (PDT)
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-eopbgr150047.outbound.protection.outlook.com [40.107.15.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64FE6C1522C9 for <cose@ietf.org>; Thu, 29 Sep 2022 05:07:45 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=hsE58ljhlL+yUcYaNA2NawdxwSUTEnQtLMzxEPWRUOv2mRSt5vX/V4gWPWzygQGmp+2V1q2REGh8L9oySe9bWraTt4uAPgBd7Ttt5HJknlpAQDW4dINQbkFCLtZxT120qa7xqG1Gj1eKEkFLZkV2gNHxbyd9RkzDzOfo+D30QRwGffBlsRCIb3MZgsx4Y6UfW267dgWPXumzNEtev4RAkUQ8t3vRO1aNynAOmVPcTRcx3jY29zz5w28OPf+Zq/cEKooG0ae1Dto2+1Z17S3OByXt3P1izHivV7Yl4qYOFrj5U67bSdgUS9xByFeKIiO0XvvYtgkpCTdCl7Ypr2qXMQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wjePEjApk2gSKF5md8IAvWxklkit/OGZSqnNu5E/XyQ=; b=Bwxyk6V1WYsS9vwQRDOnBFl7QgVqQ8LR3DN7OuDi4jQWW7k/pZ/BNsRh5hW3YHqH5nzTnCNH1x+b10IX0ua/owryPJQ7BAGmYHGhBxRRG3HRrF2Ei6FJ11kTcTYRsuoTsutP38x59ycdVON2T++7a0O5EqXMkC7ZhHFsj6EdC3EhPnCdBQM+4lPgblNnias0kGxUbKwctSNcBO/X5XvsicDAHeWnYNCje58SL8HBt1ibHzaWd4e0nLYHdPmAGO4Cckv32nfR8C1fNeGBmNt6kBuXEAsV97xb5lBylSn9N7/Rx+uRpjnLb7QbvNJihR2+AoU+3S4rjibZKEB7/EGCeA==
ARC-Authentication-Results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=ietf.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wjePEjApk2gSKF5md8IAvWxklkit/OGZSqnNu5E/XyQ=; b=esNgoH+82dcnb93indCPhND9ne3dkS7Igl1xDR91Vq54uLHrfnZ3mieF33pgXhg/K61j8a4VRWPPBPbEoQdtCmGLjF28805F3d0bq/b7BI8ytQHjbDYeuJLjP1oiQwi7jXiJoP4JV7JsIU9ob7zU36siZNvm31QIpu8/kaAyc3Q=
Received: from DUZPR01CA0056.eurprd01.prod.exchangelabs.com (2603:10a6:10:469::7) by AM8PR08MB5569.eurprd08.prod.outlook.com (2603:10a6:20b:1de::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.20; Thu, 29 Sep 2022 12:07:39 +0000
Received: from DBAEUR03FT049.eop-EUR03.prod.protection.outlook.com (2603:10a6:10:469:cafe::b2) by DUZPR01CA0056.outlook.office365.com (2603:10a6:10:469::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.20 via Frontend Transport; Thu, 29 Sep 2022 12:07:39 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DBAEUR03FT049.mail.protection.outlook.com (100.127.142.192) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.17 via Frontend Transport; Thu, 29 Sep 2022 12:07:39 +0000
Received: ("Tessian outbound 86cf7f935b1b:v128"); Thu, 29 Sep 2022 12:07:39 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: a27e76ab45138b3c
X-CR-MTA-TID: 64aa7808
Received: from e9a0496aba94.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 188EBC7B-E929-4AAB-AF72-966EC45A39C8.1; Thu, 29 Sep 2022 12:07:31 +0000
Received: from EUR04-VI1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id e9a0496aba94.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 29 Sep 2022 12:07:31 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LqWSWOQryjmOYqL1PmHpWN3IKLJ1ysf5Kq3RTkpnnW0C+JGPSWvSbEiHP1vAYbJGs+/48ERCsNrKWGHboEjLf4pplv5lhTJP2t3BTO3EJWtQVehAWDsy6/8K1fEu+gSjPx3/zHRGhrB+fni2nKZ8XufOD9YE9bgx6IpNy7AuFVy//NvpGbH2N2NoyehSy51R3YhZqrBMz11NjGQebyzuIn8fzZUkhXWBfwDxTHgAasl25Tbb3F5e2Pdt8tEQTI+D8JsdGrCP0vKbppI2suLpi+2xy0wEOpSaxJH5KzgQBm/4X0k3YOL5E1QBvgxh42l+Op+ThPjA432XTzJ7s2ZXXA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wjePEjApk2gSKF5md8IAvWxklkit/OGZSqnNu5E/XyQ=; b=ctgUNBQmlapnlRNX02BYfNoYflSOAkf7cHfm4WUtWNwYXN5Jo1fYY4EKsM5zqUR0uFK21sjbWbbhGKTN9CRvFqNycwnOiuTe2mPlyGxVbe/4DQbw7Bgv5OD+ZwsoDzMp18MVly8TWUiyOHSsTNmW6aj80A3EJ6Hcz6UC3QtTNgZuD/ZhBkJFS+Oj2MXpw2bM863WlNIRyAsqiAICzFsZLaFqFpDDMZWRQj6Vr2GeY3rxX9VlNPrds2sl3aulLX3E4+pBI9twfdD8Uny7GjeAeun+5eKPvJj+9zA03I+EtXgNi6eOKVCPFtMtJOyUz3XSP02y3TY1nqrN4G9YlwnI5Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wjePEjApk2gSKF5md8IAvWxklkit/OGZSqnNu5E/XyQ=; b=esNgoH+82dcnb93indCPhND9ne3dkS7Igl1xDR91Vq54uLHrfnZ3mieF33pgXhg/K61j8a4VRWPPBPbEoQdtCmGLjF28805F3d0bq/b7BI8ytQHjbDYeuJLjP1oiQwi7jXiJoP4JV7JsIU9ob7zU36siZNvm31QIpu8/kaAyc3Q=
Received: from DBBPR08MB5915.eurprd08.prod.outlook.com (2603:10a6:10:20d::17) by PA4PR08MB6223.eurprd08.prod.outlook.com (2603:10a6:102:e8::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.17; Thu, 29 Sep 2022 12:07:29 +0000
Received: from DBBPR08MB5915.eurprd08.prod.outlook.com ([fe80::d48c:61b9:7a6a:88bc]) by DBBPR08MB5915.eurprd08.prod.outlook.com ([fe80::d48c:61b9:7a6a:88bc%9]) with mapi id 15.20.5676.020; Thu, 29 Sep 2022 12:07:29 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>, Richard Barnes <rlb@ipv.sx>
CC: "cose@ietf.org" <cose@ietf.org>
Thread-Topic: [COSE] COSE_Key for HPKE encapsulated key
Thread-Index: AQHY02QZ9RkveR2xfUeo8Vz4wm7Jo632RsuAgAAC18A=
Date: Thu, 29 Sep 2022 12:07:29 +0000
Message-ID: <DBBPR08MB5915F0CFDD5E140CF8641205FA579@DBBPR08MB5915.eurprd08.prod.outlook.com>
References: <CAL02cgTchR_+h8ZZZqbBWgJNcadb-7ki6f57XxFoo+Cpa+94Jg@mail.gmail.com> <YzWBrxjZgsw9uY1V@LK-Perkele-VII2.locald>
In-Reply-To: <YzWBrxjZgsw9uY1V@LK-Perkele-VII2.locald>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 0B8ED04ABBCF6741A2B43335627BAF62.0
Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
x-ms-traffictypediagnostic: DBBPR08MB5915:EE_|PA4PR08MB6223:EE_|DBAEUR03FT049:EE_|AM8PR08MB5569:EE_
X-MS-Office365-Filtering-Correlation-Id: a3968998-c6ab-405d-a550-08daa2133472
x-checkrecipientrouted: true
nodisclaimer: true
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: vr5+j7gRy2I7eJm6cLsH/o2XeSqct5jjdNdp5Jcm2LOXYy/tlsjaCZvksVelDVUmKemAhBUS5mmfjCJd5/xnx/PIyRGulqhzJ1LAqGrvHeR04L5+N8u6g0UgH3wKFZ2bWBy7bhXbuMIuLbstt4aTIwT91Ll3U2lX0l8QeXjfSjdPqWaFqL2aIPo09Xxv4Xz0mC1OtiKIF9CxH6De5AAA+dYXheQB4d8J7v9jZi594cZ2ttqh6XC+HIaRWrQP43FLxcR7FTvlJ8Zm+C7d2Y4WF4X63y60vte+NNJIva1SC0HvX9dfE49V3pRuo8Bw1U+qKHG7L1WmnU8Zg3t+BkrmBTadFAL3ilumY9rhf14EpFvhteA2fmqBDpmSMQDlyj0HpGGuzFpGa1BvPucu9w3r9H0zg61jhbzNuMz2tKRbFOQY1pchD613MWFh8rP2YVj64xnoGPxv8AOJ4iztZ2y/6LzdkyrNmOyLJSpwHbO1LiKX3hjUEp6GR7pL2ZMWXYpPNE1gw2ouUVbibnvIQJ9yhy7Z6UN9c2T/Tg2Ry2N56Qad9EXOMcqoPvvyMsBxm8geqKXGP/xTIIeUbq/AeJPhjQhuhhk3INqJW49mtBvLEV9dsbYHUMAP0r2b9GiiglY3LSxMZvYll+ychPsQME3maG7dU48/KV/d7gZdcsPfDCDdV41p3IK67/DCuSbMGbJkH/YXStkJsnNgAMf4rB3Q2xFx/RnXnRqLkRx9X7n+NX/XnGi6v67JHx8ou0dli0DuHqWRVrV6hmQh4VR6lIAJkZjC0IWvKhqSHYIucs63nXg=
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DBBPR08MB5915.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(346002)(39860400002)(396003)(366004)(136003)(376002)(451199015)(4326008)(110136005)(33656002)(86362001)(38070700005)(122000001)(9686003)(64756008)(38100700002)(83380400001)(186003)(966005)(316002)(53546011)(6506007)(7696005)(478600001)(26005)(71200400001)(52536014)(66946007)(76116006)(8676002)(66476007)(66446008)(66556008)(5660300002)(55016003)(8936002)(2906002)(41300700001); DIR:OUT; SFP:1101;
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PA4PR08MB6223
Original-Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DBAEUR03FT049.eop-EUR03.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: 217fd2bc-d3b8-40cb-99c0-08daa2132ea4
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: NxgTdpjZiDsG+N7S7FnGnXKEGpnwV0VN3+11J4py7QLSdujqs2swaM6/vsH/M+vvN4PKeeqYjYrRNcua/0U1LSsOXKfy06xqpyb1AXDwsopZxxXMB/Ok859grfHPdcj3j2vEm2WqFung8BGhOzmchI7Qg1piw5CDVIOAWOVvNF/IzJpSjQM15sRtpMMrHOx3x8NoK9bl4FwJhdnwAQFXYOtL4VXALrmQHD5IN9akZ+05D7ySiqEG6vyRFKJ6hCILm+cFoF2eALsrK7HJDz4q8YkXlHXULRCAAHAezddW8aWFwMLK2xo6fCTRQXw9Jxlcvd1cUyleWI9jiYwPPdpG6uMPYuY9XHPRp0ASlYlQyVzgOdGqXsYws4CeuQVceHKiEuQLXR4QV5c+dVGt1ZlgOvCw//XXHDVKpZNuhdFHRcS0dpmMFU1vYUGHCbfhBIhBCTx1lHdoOIFEnHmCH6KwaqwihhVOOJJOWD2AiBh+njvRQEcqYSo5NRJdMpQ2BdS1FzZIhgkejZzrpDxq6RDluHkXj2R1xo+pembDc8L7m2fJSnAFR2jJl4m/dHde/TAlXmlJlh6p8HtYN/gtsaYQhDV4S9V3O+/Aq1YSwMf9dHrlf61u1W1D72v9pHPwSF/j1yqkIFpQtZ31FmcImYSOdn946TCOeKvHTIFId20GmuLThHgMteTKCRPBLWV5GfzHfs2GeYdFVJX+KXTBRYtTNCGySc+C3e6zOOp6YtRKP+i0+HMUiYADS3W5GxmRvuX4dM08J7KCauQGzSpyczeeIejg80xwkcjQm6qMY8+VRYM=
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(13230022)(4636009)(136003)(396003)(39860400002)(376002)(346002)(451199015)(36840700001)(40470700004)(46966006)(2906002)(81166007)(52536014)(8936002)(7696005)(53546011)(6506007)(41300700001)(9686003)(356005)(26005)(82310400005)(4326008)(47076005)(5660300002)(8676002)(70586007)(336012)(70206006)(82740400003)(186003)(83380400001)(33656002)(40460700003)(55016003)(86362001)(40480700001)(36860700001)(110136005)(478600001)(966005)(316002); DIR:OUT; SFP:1101;
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Sep 2022 12:07:39.4353 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: a3968998-c6ab-405d-a550-08daa2133472
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-AuthSource: DBAEUR03FT049.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR08MB5569
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/7eJT_5Vo5HfugHkqVkK5fAeratk>
Subject: Re: [COSE] COSE_Key for HPKE encapsulated key
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Sep 2022 12:07:49 -0000

Let's in mind what we are discussing here (for a NIST curve):

Variant 1 (HPKE-style): Concatenation of x and y

Variant 2 (COSE-style): Putting x and y into separate fields

If the group believes that the concatenation of x||y (like HPKE does) is better than separating them into distinct fields (as COSE does today) then we should deprecate the current COSE public key encoding. If the HPKE-style encoding is so much better then why wouldn't you use it elsewhere as well?

I just don't want to **two** ways to encode x and y values in COSE. Is this really too much to ask for?

Ciao
Hannes

-----Original Message-----
From: COSE <cose-bounces@ietf.org> On Behalf Of Ilari Liusvaara
Sent: Thursday, September 29, 2022 1:30 PM
To: Richard Barnes <rlb@ipv.sx>
Cc: cose@ietf.org
Subject: Re: [COSE] COSE_Key for HPKE encapsulated key

On Wed, Sep 28, 2022 at 01:59:18PM -0400, Richard Barnes wrote:
>
> It was brought to my attention that this working group is considering
> representing the "enc" output of HPKE as a COSE_Key as opposed to an
> opaque byte string [1].
>
> Representing the "enc" output as anything other than opaque bytes is a
> mistake.  It would require the COSE implementation to parse the "enc"
> output, causing a bunch of unnecessary work and inviting error.  (If you
> want to represent it as opaque bytes plus some metadata, sure.  But   But
> don't parse it.)

Unfortunately, there is a perverse incentive involved: For NIST curves, one can save a few dozen bytes by re-encoding the value, as HPKE does not support compressed nor compact points for NIST curves.

Regarding adding support for compact points, what it would take to add the stuff from draft-harkins-cfrg-dnhpke-02, section 4.1 to the IANA registry (I think the ball has been dropped somewhere with that)?


> I'm not sure which of the chairs' options that maps to, but both the
> COSE_Key and Ilari's OKP proposal look incorrect to me, because they
> both imply that the value is a key.  I think Daisuke Ajitomi's
> proposal is closer to correct. In any case, I hope this helps clear things up.

There is really a lot of confusion between long-term public keys and encapsulated keys (the "enc" output). The OKP proposal was about long- term public keys (but turns out it is flawed for different reasons).

The nasty hacks I did of encoding "enc" into COSE_Key used key type "Symmetric", which is the smallest boilerplate to stuff some byte string into COSE_Key, as "ephemeral key" field takes COSE_Key.

The latest proposal I made (non-injectively) stuffs "enc" into the beginning of the ciphertext (along with the AEAD ID). This avoids allocating new header parameters and makes COSE-HPKE look like some- thing existing (direct encryption / key wrap) rather than a totally new kind of of thing.



-Ilari

_______________________________________________
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email