IETF Logo Mail Archive

Re: [Cose] Key management for MACs (was Re: Review of draft-schaad-cose-msg-01)

"Jim Schaad" <ietf@augustcellars.com> Fri, 10 July 2015 23:08 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66DC61A034C for <cose@ietfa.amsl.com>; Fri, 10 Jul 2015 16:08:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GsVChoP5lVYh for <cose@ietfa.amsl.com>; Fri, 10 Jul 2015 16:08:03 -0700 (PDT)
Received: from smtp3.pacifier.net (smtp3.pacifier.net [64.255.237.177]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E7041A035F for <cose@ietf.org>; Fri, 10 Jul 2015 16:07:52 -0700 (PDT)
Received: from hebrews (174-21-18-91.tukw.qwest.net [174.21.18.91]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jimsch@nwlink.com) by smtp3.pacifier.net (Postfix) with ESMTPSA id 99AFA38F3F; Fri, 10 Jul 2015 16:07:51 -0700 (PDT)
From: Jim Schaad <ietf@augustcellars.com>
To: 'Brian Campbell' <bcampbell@pingidentity.com>
References: <CA+k3eCQUPxZfWM9XcKaTLN-WOx2cHEi9SAGSRFTtv71iSCUqdQ@mail.gmail.com> <559576A9.9090002@gmx.net> <BY2PR03MB442C02F758E34B29BBD0CEAF5970@BY2PR03MB442.namprd03.prod.outlook.com> <001001d0b90c$3c874af0$b595e0d0$@augustcellars.com> <00c501d0b9a5$c8f869d0$5ae93d70$@augustcellars.com> <CA+k3eCS-7UK9RDfnkKCLK0ApTdNhSamYY3LL73+e1=rBvz7vDA@mail.gmail.com> <000f01d0baad$8a781b20$9f685160$@augustcellars.com> <CA+k3eCSHOjdWyqbRAWR8AitEA5Z-vekUcCY7XQpFj=n2vhsi=A@mail.gmail.com> <001401d0bb5f$a98fdf90$fcaf9eb0$@augustcellars.com> <CA+k3eCRe+OimGD3n_m59EogP5geeCq4SSNQu6k_ECuj_63c5pA@mail.gmail.com>
In-Reply-To: <CA+k3eCRe+OimGD3n_m59EogP5geeCq4SSNQu6k_ECuj_63c5pA@mail.gmail.com>
Date: Fri, 10 Jul 2015 16:08:10 -0700
Message-ID: <003001d0bb65$4a55c390$df014ab0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0031_01D0BB2A.9DF89940"
X-Mailer: Microsoft Outlook 15.0
Content-Language: en-us
Thread-Index: AQGMo9E7lz5K1VbQVek9kTd0WZ5EKwIS9FwIAQ3LxPQB/WXDmAHiZZGnAshjO7UBc0IGzgHgFhm5AhFvASIB8EROkp3UkcDA
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/T-2PMgWI5dhLqsC9k_f8VilWK_0>
Cc: cose@ietf.org
Subject: Re: [Cose] Key management for MACs (was Re: Review of draft-schaad-cose-msg-01)
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jul 2015 23:08:05 -0000

The overhead on key management is going to be based a lot on what you are doing.

 

If you are doing direct shared secret –then you have a kid

If you are doing ECDH-SS – then you need two kids and a nonce (which can be very short)

If you are doing ECDSA – then you need a kid

 

This means that to be the same size you have 24 bytes to express a second kid (which could be implicit) and a nonce (which can be a short as 2 or 3 bytes).  I don’t think you need that much space – so yes, it would be smaller.  

 

The overhead from the basic messages (MAC vs Sign) is going to be about the same in both cases.

 

From: Brian Campbell [mailto:bcampbell@pingidentity.com] 
Sent: Friday, July 10, 2015 3:34 PM
To: Jim Schaad
Cc: cose@ietf.org
Subject: Re: [Cose] Key management for MACs (was Re: Review of draft-schaad-cose-msg-01)

 

Really, there's no overhead from the key management part?

 

 

I've admittedly not done the comparison but the message size overhead seems like it'd be similar with something like ECDSA (admittedly not RSA).

 

ECDSA = 2 * SHA-256 or 32 bytes

Truncated AES-CMAC is 8 bytes (64 bits)

v2.23.0 | Report a Bug | By Email