[COSE] COSE ciphersuite list in draft-ietf-cose-hpke-07
Rohan Mahy <rohan.mahy@wire.com> Tue, 07 November 2023 13:01 UTC
Return-Path: <rohan.mahy@wire.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4954C1D470B for <cose@ietfa.amsl.com>; Tue, 7 Nov 2023 05:01:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=wire.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HvLEgj5V4P_C for <cose@ietfa.amsl.com>; Tue, 7 Nov 2023 05:01:49 -0800 (PST)
Received: from mail-wm1-x334.google.com (mail-wm1-x334.google.com [IPv6:2a00:1450:4864:20::334]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 883C4C1E4E45 for <cose@ietf.org>; Tue, 7 Nov 2023 05:01:46 -0800 (PST)
Received: by mail-wm1-x334.google.com with SMTP id 5b1f17b1804b1-408425c7c10so41486545e9.0 for <cose@ietf.org>; Tue, 07 Nov 2023 05:01:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wire.com; s=google; t=1699362105; x=1699966905; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=zSKqaUjnhFAjHkesio1KXfbFUAowayI2oXj7xSuuWEY=; b=gborIXtycxslKWq79y/TYlSj393NzN6K0Es9cxI6WnunPgPXVOjm+BsmKX05GfWzTV QJKlY9WwH2uER5FCFzdZf/poHxyIC35UkM06rheT5Pu9N7QD6MhXYoDiunkVTawhwjYW Ji6L3xGxdvV9djoKfDGATvnQiQV2flBwI/yaWSSVMsZJDTH1Ad+jzRQ1tFxDn1jZqe3N QfnC21fwPUY1VNBaK2IqAsSXfDw83yHTPVl0pJa6RFa8BHljT9LMSNF+gvR4KFXLSvsP 6RYCkRpyHHk38yK2odE7DU8+XmcAiqAXxjqGYakHwZCdg0Nm56OoQsoaKttOliAlMaEg LvpQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699362105; x=1699966905; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=zSKqaUjnhFAjHkesio1KXfbFUAowayI2oXj7xSuuWEY=; b=Hg5r4B5KmjjkhZ9IwToxmiHHHwXmn77Jde6/0qcEN/OxAfHn4k6vqEBosTamrTUm+P 8V66+cX8xAdN5pw0LgsR0XZXqDaQa0G6rj5D7NF8kTCWdyHhv1RPSGSj3ofn4mMd1m7r LkQ8s1gziyb8zGQuU63MItyzpZENV+5jObMekwKYi2Dr/bS03D//+Ek3XM/BV36nRrhO /fuWWMMnLXI1dA84nKKgJkfYahbdCeMiQkNckku/h2t4kTkNPXGOB/TqLe0HiWi8knr/ MwjO7bOlfs6ZHdpYH6DKKAoGNNlOJT/d7/lBQ5ym5ubav2Z9ZW4Hb38UEBhlI8AOKGHj G1vw==
X-Gm-Message-State: AOJu0YxMSNo1bJErelGKO+GX7Yb5SxFoJuX4A1e4ujXYGs9HzBohaQnR uK1y9eQooMbyvwUOEkgAD0RheFVVPXeMFsY2ijEnpExmASjJdyakkrQQWcvu
X-Google-Smtp-Source: AGHT+IGmizglnm/FNSitnLxpbFA2QBja3murMP2bU9KY74KJ/YYygBsFQU8HsFc1liMSq0q7GTWjIY2muYXRtaUEyL8=
X-Received: by 2002:adf:e881:0:b0:32d:7162:7ffe with SMTP id d1-20020adfe881000000b0032d71627ffemr24567857wrm.69.1699362104337; Tue, 07 Nov 2023 05:01:44 -0800 (PST)
MIME-Version: 1.0
From: Rohan Mahy <rohan.mahy@wire.com>
Date: Tue, 07 Nov 2023 14:01:33 +0100
Message-ID: <CACW8--OsQNAhEJ7Cbe8vd5LfSD+Y6n2mQVh-TAfuupi5uVdujw@mail.gmail.com>
To: cose@ietf.org
Content-Type: multipart/alternative; boundary="0000000000009309de06098f927e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/FonvRdlMFuY4_yo-ZFjpVqtlvlY>
Subject: [COSE] COSE ciphersuite list in draft-ietf-cose-hpke-07
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Nov 2023 13:01:53 -0000
Hi, Regarding the list of ciphersuites in draft-ietf-cose-hpke-07: The MLS working group observed that most people who are interested in using ChaChaPoly instead of AES are not interested in running NIST Curves either. I'll also observe that the interest in the CP NIST curves is currently unproven and that these COSE ciphersuites could be easily added later. I would like to include the X25519/Kyber768 KEM with AES and ChaChaPoly, but these could also be included later. There is substantial interest in using a hybrid KEM to prevent harvest-now/decrypt-later attacks. However, a desire to publish this spec sooner would be a perfectly reasonable justification to leave these ciphersuite out. Concretely, I would propose the following COSE HPKE ciphersuites: HPKE-Base-P256-SHA256-AES128GCM HPKE-Base-P384-SHA384-AES256GCM HPKE-Base-P521-SHA512-AES256GCM HPKE-Base-X25519-SHA256-AES128GCM HPKE-Base-X25519-SHA256-ChaCha20Poly1305 HPKE-Base-X448-SHA512-AES256GCM HPKE-Base-X448-SHA512-ChaCha20Poly1305 HPKE-Base-X25519Kyber768-SHA256-AES256GCM HPKE-Base-X25519Kyber768-SHA256-ChaCha20Poly1305 Thanks, -rohan *Rohan Mahy *l Vice President Engineering, Architecture Chat: @rohan_wire on Wire Wire <https://wire.com/en/download/> - Secure team messaging. *Zeta Project Germany GmbH *l Rosenthaler Straße 40, <https://maps.google.com/?q=Rosenthaler+Stra%C3%9Fe+40,%C2%A0+10178+Berlin,%C2%A0+Germany&entry=gmail&source=g>10178 Berlin, <https://maps.google.com/?q=Rosenthaler+Stra%C3%9Fe+40,%C2%A0+10178+Berlin,%C2%A0+Germany&entry=gmail&source=g> Germany <https://maps.google.com/?q=Rosenthaler+Stra%C3%9Fe+40,%C2%A0+10178+Berlin,%C2%A0+Germany&entry=gmail&source=g> Geschäftsführer/Managing Director: Christian Salza HRB 149847 beim Handelsregister Charlottenburg, Berlin VAT-ID DE288748675
- [COSE] COSE ciphersuite list in draft-ietf-cose-h… Rohan Mahy
- Re: [COSE] COSE ciphersuite list in draft-ietf-co… Orie Steele
- Re: [COSE] COSE ciphersuite list in draft-ietf-co… Ilari Liusvaara
- Re: [COSE] COSE ciphersuite list in draft-ietf-co… Ilari Liusvaara