[COSE] draft-prorock-cose-post-quantum-signatures [Was: Re: Call for COSE Agenda Items for IETF 113 in Vienna]
Ilari Liusvaara <ilariliusvaara@welho.com> Tue, 08 March 2022 18:16 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 6635A3A0A8A
for <cose@ietfa.amsl.com>; Tue, 8 Mar 2022 10:16:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001,
SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01,
URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id YMH9f5MHijX6 for <cose@ietfa.amsl.com>;
Tue, 8 Mar 2022 10:16:06 -0800 (PST)
Received: from welho-filter1.welho.com (welho-filter1b.welho.com
[83.102.41.27])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 472A03A0A3C
for <cose@ietf.org>; Tue, 8 Mar 2022 10:16:05 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
by welho-filter1.welho.com (Postfix) with ESMTP id 20727221A4
for <cose@ietf.org>; Tue, 8 Mar 2022 20:16:03 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp3.welho.com ([IPv6:::ffff:83.102.41.86])
by localhost (welho-filter1.welho.com [::ffff:83.102.41.23]) (amavisd-new,
port 10024) with ESMTP id 2OPLsyQYp98I for <cose@ietf.org>;
Tue, 8 Mar 2022 20:16:02 +0200 (EET)
Received: from LK-Perkele-VII2 (87-92-216-160.rev.dnainternet.fi
[87.92.216.160])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by welho-smtp3.welho.com (Postfix) with ESMTPSA id C15C42315
for <cose@ietf.org>; Tue, 8 Mar 2022 20:16:01 +0200 (EET)
Date: Tue, 8 Mar 2022 20:16:01 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: cose@ietf.org
Message-ID: <YieQ4g30tZAK0uRL@LK-Perkele-VII2.locald>
References: <CAGJKSNSzuw7i2BXAw6DPQjTN7ujZiKPvU+o+N-agTLrSeRCUCw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <CAGJKSNSzuw7i2BXAw6DPQjTN7ujZiKPvU+o+N-agTLrSeRCUCw@mail.gmail.com>
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/KWJjO_XSkGrg-5iB4-N2GAnHfVg>
Subject: [COSE] draft-prorock-cose-post-quantum-signatures [Was: Re: Call
for COSE Agenda Items for IETF 113 in Vienna]
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>,
<mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>,
<mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Mar 2022 18:16:10 -0000
On Tue, Mar 08, 2022 at 09:07:30AM -0500, Mike Prorock wrote: > Mike Jones, et al., > I would like to request 10 minutes of agenda time to discuss a new > cose-related draft that we are working on to provide support for post > quantum signature schemes with JOSE and COSE. > > The draft is here: > https://datatracker.ietf.org/doc/draft-prorock-cose-post-quantum-signatures/ Some quick feedback: Looking at the draft, why it is not using OKP key type? AFAIK, All of Dilithium, Falcon and SPHINCS+ already use byte strings for keys with good encoding. Any sort of re-encoding would massively increase complexity for likely negative gain. And there are only a few parameter sets (IIRC, 3 for Dilithium, 2 for Falcon and 6 for SPHINCS+), so folding these to the (misnamed) crv parameter should nto be difficult. And with regards to using one or different values of alg (differentiated by key), that is more complicated question. IIRC FIDO incorrectly assumes that alg values do not get reused, which causes problems with EdDSA which does reuse alg values (Ed25519 and Ed448 both use alg=-8 in COSE). On the other side, not reusing algorithm opens possibility for key-algorithm mismatches, which caused an infamous vulernabities in JOSE. -Ilari
- [COSE] Call for COSE Agenda Items for IETF 113 in… Mike Jones
- Re: [COSE] Call for COSE Agenda Items for IETF 11… Mike Jones
- Re: [COSE] Call for COSE Agenda Items for IETF 11… Mike Jones
- Re: [COSE] Call for COSE Agenda Items for IETF 11… Anders Rundgren
- Re: [COSE] Call for COSE Agenda Items for IETF 11… Mike Prorock
- Re: [COSE] Call for COSE Agenda Items for IETF 11… Hannes Tschofenig
- [COSE] draft-prorock-cose-post-quantum-signatures… Ilari Liusvaara
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Anders Rundgren
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Prorock
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Russ Housley
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Jones
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Anders Rundgren
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Ilari Liusvaara
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Prorock
- Re: [COSE] Call for COSE Agenda Items for IETF 11… Göran Selander
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Orie Steele
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Orie Steele
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Anders Rundgren
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Prorock
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Jones
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Prorock
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Ilari Liusvaara
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Ilari Liusvaara
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Rafael Misoczki
- Re: [COSE] draft-prorock-cose-post-quantum-signat… John K
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Anders Rundgren
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Ilari Liusvaara
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Ilari Liusvaara
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Russ Housley
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Anders Rundgren
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Rafael Misoczki
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Russ Housley
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Anders Rundgren
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Ilari Liusvaara
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Russ Housley
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Orie Steele
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Jones
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Orie Steele
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Anders Rundgren
- Re: [COSE] draft-prorock-cose-post-quantum-signat… David Waite
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Prorock
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Anders Rundgren
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Russ Housley
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Orie Steele
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Prorock
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Prorock
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Prorock
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Ilari Liusvaara
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Ilari Liusvaara
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Russ Housley
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Prorock
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Michael Richardson
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Jones
- Re: [COSE] draft-prorock-cose-post-quantum-signat… Mike Jones