IETF Logo Mail Archive

[COSE] Update to the COSE-HPKE draft and new use case (?)

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Mon, 28 February 2022 15:04 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7EB4F3A1297 for <cose@ietfa.amsl.com>; Mon, 28 Feb 2022 07:04:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.909
X-Spam-Level:
X-Spam-Status: No, score=-6.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=otci7lE5; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=otci7lE5
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jhBD9Nn63RpB for <cose@ietfa.amsl.com>; Mon, 28 Feb 2022 07:04:52 -0800 (PST)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2084.outbound.protection.outlook.com [40.107.22.84]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CC7833A113E for <cose@ietf.org>; Mon, 28 Feb 2022 07:04:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LfOMpwF0BRVInEXmrEVj2uS9CtVsljm+B2v739j6j5E=; b=otci7lE59DzpGLHVui9pLoNm682SwZC9XFsrEgoCjU5sWZxc00zW3m+KCwZXMC62Cfnxbo6kWn+461dekxcuhtvh3DpNS2xypXKTbUBpliE81FfRL0VcMyijmEiRhAGoGq6ZIVZErKWmDrAFOJT2oLqSAUwalIxt66fWSmtvxvM=
Received: from AM6P193CA0089.EURP193.PROD.OUTLOOK.COM (2603:10a6:209:88::30) by AM9PR08MB6068.eurprd08.prod.outlook.com (2603:10a6:20b:2dc::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5017.22; Mon, 28 Feb 2022 15:04:41 +0000
Received: from VE1EUR03FT047.eop-EUR03.prod.protection.outlook.com (2603:10a6:209:88:cafe::12) by AM6P193CA0089.outlook.office365.com (2603:10a6:209:88::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5017.21 via Frontend Transport; Mon, 28 Feb 2022 15:04:41 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by VE1EUR03FT047.mail.protection.outlook.com (10.152.19.218) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5017.22 via Frontend Transport; Mon, 28 Feb 2022 15:04:40 +0000
Received: ("Tessian outbound 31aeb3346a45:v113"); Mon, 28 Feb 2022 15:04:40 +0000
X-CR-MTA-TID: 64aa7808
Received: from e438c4f3d3b4.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id AE307FCB-56B5-47E1-B618-21A257F3EAEC.1; Mon, 28 Feb 2022 15:04:33 +0000
Received: from EUR01-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id e438c4f3d3b4.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Mon, 28 Feb 2022 15:04:33 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NxnAlX4hTf3s73eapcUsekwX6sB7XSiwOgKmJunIw95AtAlu2uDDptIGbPLr/PiOzXXZWx2HFVTkHI0AbTtBHMhLUE87ShUzxsdUbI1XasoJso+/rSj68O7do9UC7pf6yGwWYasJQMksweg9AerwmAS4+5xO3Yfoe09owyFqBD7Q1gVkk7wg5y98Yll9BTS1cJXhD7Pz/wUe7VIAt5+12gD3pVg+RPwTDjRiuTiWEZVCL2xzud96B0aaIM3rmUyrUFdk5MzT9+8WUzyd6Vw60oEGblDJJ8840qK6l7h4ZiYdU5NRvlLN4bnDlQ9Jq1KU53ykKI+1Kq4tLuX5s9KgSQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LfOMpwF0BRVInEXmrEVj2uS9CtVsljm+B2v739j6j5E=; b=Y0U6LcS4ASfSQi8+TRIz9k5pgzDn9GofhVHrlbPbaGcQuYq7GC6IxsYlSi6RXWKm4D8MWXt3DoBwmt5uQGdECyi8qWrkFfqEtVVXCMHoH6tQUPx1lkdcoHxvOSVUEo3AVjwq/J0wOnyO2PWuWsf1TsTB3Uw1Ry3NotOogH0mXKni25Zy6a/TGWk5Ko+n/Us9u41dfraF6KfvRQAI88IUX5WYpAmtrx1OFLaHyzvcFfbjaCjez51kAcORTkmKlkY0ifLN1XUnawqHhwXDrGH6afQVBDRKVPSrZgeT+1QE+eWu8hZjFOQ6GZ9BstB4BguYGmFGGUlKvDtQq3C4x5ndfw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LfOMpwF0BRVInEXmrEVj2uS9CtVsljm+B2v739j6j5E=; b=otci7lE59DzpGLHVui9pLoNm682SwZC9XFsrEgoCjU5sWZxc00zW3m+KCwZXMC62Cfnxbo6kWn+461dekxcuhtvh3DpNS2xypXKTbUBpliE81FfRL0VcMyijmEiRhAGoGq6ZIVZErKWmDrAFOJT2oLqSAUwalIxt66fWSmtvxvM=
Received: from DBBPR08MB5915.eurprd08.prod.outlook.com (2603:10a6:10:20d::17) by AM8PR08MB6513.eurprd08.prod.outlook.com (2603:10a6:20b:366::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5017.26; Mon, 28 Feb 2022 15:04:30 +0000
Received: from DBBPR08MB5915.eurprd08.prod.outlook.com ([fe80::b478:3f3d:2464:65c8]) by DBBPR08MB5915.eurprd08.prod.outlook.com ([fe80::b478:3f3d:2464:65c8%5]) with mapi id 15.20.5017.026; Mon, 28 Feb 2022 15:04:30 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: "cose@ietf.org" <cose@ietf.org>
CC: Richard Barnes <rlb@ipv.sx>, Chris Wood <caw@heapingbits.net>
Thread-Topic: Update to the COSE-HPKE draft and new use case (?)
Thread-Index: AdgssVAELsxNzCHhRZOACjsjjmMa5g==
Date: Mon, 28 Feb 2022 15:04:30 +0000
Message-ID: <DBBPR08MB5915DBF46D50E44049EEEB72FA019@DBBPR08MB5915.eurprd08.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 93F17FBCE7BA614A88D81F92343BADA8.0
x-checkrecipientchecked: true
Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
X-MS-Office365-Filtering-Correlation-Id: 49536cd3-f6b7-4506-b3f7-08d9facba521
x-ms-traffictypediagnostic: AM8PR08MB6513:EE_|VE1EUR03FT047:EE_|AM9PR08MB6068:EE_
X-Microsoft-Antispam-PRVS: <AM9PR08MB6068D9F85B304B213F96C19CFA019@AM9PR08MB6068.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: aaIVQ9w3cSqGrPAFtqS03lTeWT3GcCSAZoiy6ehdwnkM5hpWEZ0jOM6IryWSNmAFtskwlAHAaBaeogj0ZtEvoWmjw8wsxl9zD6CxtF9pHztPo6lKZZMp9MtNpc16WrC2YPDuMLrXQd7zCyLiEqb0zdoOr6rJyhvKKQx8aoTKkqJOHQ57h8emYmLVSt96W2Xb8FC0UyThijR0RV0CezSk3GQu39gmXyJyRmk7dfjAoF8kIbfai1HD2TQwodjrCsY6+A8lnAQhbkYfAVbfy5n/8tBz8lMn7hXGYdXI9/s9SAg08HYo2zvXGhF93jrRHWdNoWLEbF7FBkeWQXByVYOZeoTB5k/3rd6xe09R+vNOpQ88YPC42EYadZy0F2Lt4LmR2JZAxchyJqZYwYgeqvHr43w4mCQRZy/tF1Kbwf5zSSaLgYKlnEaJZbJeNfo0rcpMiO5/jNT24HGGGdCyjSo2+LQUpvpSq7tmkwM59jdp73eh5wpJFcI/UNhfOK0OdVmNUN2+nDVI4y4kK//6LjCho2QDsP2hteVDscfUhugTAqTEuGMr6vHfM++yjJ6OzHQs3XW4hgpqcDEvbLKDFCpJocR3Tivo7ofyXxTsYQBO14TUqGsx1v43nH61lmwaJ1pGYyYnzrAnTzQOHAg2fwYBv2qsEQW+pDdr7Am/3llNtQPaRv/0sWYDhxzvxibS55wUEdkjyWwKIxicF4Pc5K8GXsdyIvTcM7B/EHRFMp+bosz/SwZ+wxd7TV1ncG4hfVawL+x6Ek6py09vMLMTMh/XYm48dxbwHM3+j5O5OVynxk95B2k57INIGt/fwb4AybqL
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DBBPR08MB5915.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(7696005)(38070700005)(86362001)(6506007)(9686003)(71200400001)(508600001)(33656002)(8676002)(966005)(122000001)(2906002)(5660300002)(76116006)(66556008)(66476007)(66446008)(64756008)(83380400001)(8936002)(52536014)(15650500001)(66946007)(55016003)(166002)(38100700002)(186003)(54906003)(26005)(6916009)(316002)(4326008); DIR:OUT; SFP:1101;
Content-Type: multipart/alternative; boundary="_000_DBBPR08MB5915DBF46D50E44049EEEB72FA019DBBPR08MB5915eurp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR08MB6513
Original-Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT047.eop-EUR03.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: 48aad124-cbb8-4700-0ea9-08d9facb9f42
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: bFAqYVBOFigiZg/eDE+/67ipqi2Z/xjhiUoW4+wFr82b85luemkNlQDZdpExm6fx31pk1QTJBomw91vQv8B9DwGJ6gV8gym+/ekUi4yMgwPWJcc5lyqQrHqctCV/RBUfM6XgDk4cEVrMoyEHGA5o4ME9wqLXH24Rs7PnZUXXOXvwJxb+wvNV42tuoUfvSHicIupPLEPgjvqhs9unAQh2WlYgbm1m/yhhg0aGNF/o0OkfzLQNd/o+vWx7oWRoItiO5NsxRLVcVhfuw1giqQdq9Z4FZdvVb9y7GHh43Ui77eeUdLReJPuOi9KSocibrpoIkav4ImDGJfnJ/nwSZMriOAOVBtJwxkRNBB5uoA2oVR1OFlFhRzkNSt2+DKQr/Sqe7/Wt9DCt0mvaXeZe+qwh9m5PzO1lIWi1Qcco4KrPJOyRw2WaBXMLliwMgZz204G47dF67ajBjBZprGMKc8njwtyO7bLTDAq69GMf6nKz1wpUoNPd34oRsBsl0924oxI/xTuyw4JvbadgwiXKTZEZYwd7hEhnEiVbPaabHOLrUIwT8taqe4DwPNmK7M2oBTe1E0qVbC6dFkbXHVIsOE+WoM/QsA6l9+8zH7UBUu4UlG2Qsz2EFcX15srl74psi2gPC3jSg3Q4YMzvJdM+YijQZCXNm1JKozHIcNDSvcsBJWzNCDQdAvJM7NINI0e7k/fsxdFDQ9W6cbwgeiycrfcmjxlqke4bA4J/fpKsoSMN5rKuHb9sZ0sU7jJ3GR5ISiUWIHJx2os+MHRPhle+jRWMrohUXAtxpOB1U4hp88wnosU=
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(13230001)(4636009)(40470700004)(46966006)(36840700001)(966005)(508600001)(40460700003)(81166007)(36860700001)(4326008)(8676002)(70586007)(6916009)(54906003)(55016003)(26005)(6506007)(70206006)(107886003)(47076005)(2906002)(7696005)(9686003)(186003)(5660300002)(15650500001)(356005)(86362001)(336012)(316002)(166002)(82310400004)(33656002)(83380400001)(8936002)(52536014); DIR:OUT; SFP:1101;
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Feb 2022 15:04:40.3984 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 49536cd3-f6b7-4506-b3f7-08d9facba521
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-AuthSource: VE1EUR03FT047.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR08MB6068
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/9nowDz5kbfUvrGR-o6U1Tm31XAA>
Subject: [COSE] Update to the COSE-HPKE draft and new use case (?)
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Feb 2022 15:04:57 -0000

Hi all,

Following the virtual interim meeting we have updated the draft and here is a recent snapshot:
https://github.com/cose-wg/HPKE/blob/main/draft-ietf-cose-hpke.txt

Here are the slides from that meeting:
https://datatracker.ietf.org/meeting/interim-2022-cose-01/materials/slides-interim-2022-cose-01-sessa-cose-hpke-00

At that meeting we made progress on two open issues:


  1.  Simplify the layering (to a 2-layer model), as proposed by Ilari.
  2.  Not to introduce new parameters for HPKE algorithms but instead have the HPKE authors to add a note to their draft so that new value registrations are automatically populated into the IANA COSE registry.

There are additional open issues described in the slide deck that require further discussion in the group. I will add those to the Github open issue list.

A new aspect raised by Richard and Chris (on CC), in an off-list review, is to add an even more "optimized" layering. As a reminder, they currently described layering (see link to the draft snapshot) encrypts a CEK via HPKE and places the encrypted CEK in layer 1. Then, the plaintext in layer 0 is encrypted using that CEK. This design was selected for use with firmware encryption in mind (plaintext is the firmware image in this case). Richard believes that there are use cases where this intermediate step is not needed. Consequently, there would be only one layer and HPKE is thereby directly applied to the plaintext.

I would like to bring this issue to the list for discussion since adding such functionality to the draft requires changes. Below is an example for you to visualize the result of what Richard&Chris are asking for (if I correctly understood it):

96(
    [
        << {1: -100} >>, / algorithm id -100 for HPKE/P-256+HKDF-256 and AES-128-GCM /
        {
            / ephemeral public key structure /
            -1: << {
                1: 2,
                -1: 1,
                -2: h'985E2FDE3E67E1F7146AB305AA98FE89B1CFE545965B6CFB066C0BB19DE7E489',
                -3: h'4AC5E777A7C96CB5D70B8A40E2951562F20C21DB021AAD12E54A8DBE7EF9DF10'
                } >>,
             4: 'kid-2'
        },
        / encrypted plaintext /
        h'4123E7C3CD992723F0FA1CD3A903A58842B1161E02D8E7FD842C4DA3B984B9CF'
    ]
)

(Ignore details - the high-level details matter here)

Thoughts?

Ciao
Hannes & Russ

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email