IETF Logo Mail Archive

Re: [COSE] Key identifier of type bstr / int

Göran Selander <goran.selander@ericsson.com> Tue, 10 August 2021 10:13 UTC

Return-Path: <goran.selander@ericsson.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A6ED3A0CD0 for <cose@ietfa.amsl.com>; Tue, 10 Aug 2021 03:13:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.552
X-Spam-Level:
X-Spam-Status: No, score=-2.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4TUM-zxRZQnn for <cose@ietfa.amsl.com>; Tue, 10 Aug 2021 03:13:40 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70073.outbound.protection.outlook.com [40.107.7.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03A533A0CCE for <cose@ietf.org>; Tue, 10 Aug 2021 03:13:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QWFPscWW6Bn1t6ACRbKLvjkl4tqvWxrPi5muI1qGCb9mgYjxI3jnwoDVcP7jUxCXWbNRUNv5UqUFjapbO8TOmwNF3LvGv0CkX1oA58TN/1lqcsV/58A5quO/cP8o9Q3nC0kWeeIhuNql8EUBxkL3p5csEn54hh/NORzHwp/dLuk69cmXu9xjacAEGtc1K9XO11Hs3JZljSubF/BwsYsM8ov7PspYinw8KlZhTRf57UpWXI5gzVKpjHrBr4RPWtxV/0aYnU+kNjVu3HIrz9kvifNFywLQx2YPpB0zHVoyVptZYuR9CaOz33nW3J2J9CJgQynuCFC1824j677395ZapA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xweVs7m1gVqkGQkPmh423f9PMT2WvB+25JS9g1FbOV8=; b=OAj4kM/zIgUF4FZs3KGbTdX56aM1xZXvCIAlVQA+D94mR5+9PH5QJdqSGZryiznRqiqpNX5kudUD9e7T8Bn6xqiLfA5o2ydBhBTp7DiUSIDfJf/eP9X2lTPWlu7ZsWuHGrSkwO2CTN8gnum+KSD+nsT/hMyFhUS9qpykD0uB/x98HcCpdOkRCEQquqYy6jssJGYlME2OvfKjIlCKzFMPBzK5BGuxAR9Qtgd8/RX00sPvSCIhioM30o9m6CkRJWKZZanmcpuuRRLoiQ/artj+VbOgZCe9degEtARdwLrFWNJJlg7Bn7h+tF4NhwHHqBtDJrB4WyveNhwgf+8WmSDlWQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xweVs7m1gVqkGQkPmh423f9PMT2WvB+25JS9g1FbOV8=; b=E0C+jFMQupgp6oKYO2p7FjYSbKc4dOKnnf/+2JUU4Z2U/NY8cWBtCA1sZrYauWA6UyV1nJwYFYjYs68eJW1E/P8bZIX8caO95OnNtgO9aLHsTbmkr4jivLGCtdQIxduNTsMVlskjRQJqVwrrogdbzVlASV0aEmyebSswkod44p4=
Received: from HE1PR07MB3500.eurprd07.prod.outlook.com (2603:10a6:7:31::20) by HE1PR0702MB3834.eurprd07.prod.outlook.com (2603:10a6:7:8c::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.10; Tue, 10 Aug 2021 10:13:37 +0000
Received: from HE1PR07MB3500.eurprd07.prod.outlook.com ([fe80::7191:79ea:fa53:9014]) by HE1PR07MB3500.eurprd07.prod.outlook.com ([fe80::7191:79ea:fa53:9014%4]) with mapi id 15.20.4415.014; Tue, 10 Aug 2021 10:13:36 +0000
From: =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= <goran.selander@ericsson.com>
To: Laurence Lundblade <lgl@island-resort.com>
CC: "cose@ietf.org" <cose@ietf.org>
Thread-Topic: [COSE] Key identifier of type bstr / int
Thread-Index: AQHXhT54TcPpMfWo3E61Id/NsrhJv6triUiAgAEuhQA=
Date: Tue, 10 Aug 2021 10:13:36 +0000
Message-ID: <EDFDB6E4-2BDE-4E2E-9CF0-D771E2DEF3C6@ericsson.com>
References: <95B75634-B147-4756-A950-C6B139CF3ADD@ericsson.com> <9DF382AC-12A8-47A5-AAE7-2B0D75EAA669@island-resort.com>
In-Reply-To: <9DF382AC-12A8-47A5-AAE7-2B0D75EAA669@island-resort.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.51.21071101
authentication-results: island-resort.com; dkim=none (message not signed) header.d=none;island-resort.com; dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 48608447-0b22-481d-f209-08d95be7849a
x-ms-traffictypediagnostic: HE1PR0702MB3834:
x-microsoft-antispam-prvs: <HE1PR0702MB383470CD747A0315F293D141F4F79@HE1PR0702MB3834.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: aNCHudAnBb1r4XvIkxT5XK+O77G7XzReLzK5REBuXsPQJbEcrEpvRfb04H0stOlS5klQZQ6dRf5qo8B74kqXC51ej/rup7PlBCfQ1mpWwBr3XkZuhFAUJ6htmmNOjqDbvXka3ocTm+nrCppV6F+lzuUBPQkIB8i6PP3dI2eBSFEqf6XAPBLVTX2WSDS9zon2NUgGzK8Esm+UJkG4E09BBwSbXkSyhc1oSVItwcYq+u1COwYwtMGCE3RHrILulAcpZD5ZLreTqBtCt9+uoIKfUvDPeBbWFg6norpkxijwQrm57dQFVV6xddf11N9K65JqIvuaXL1FqlrmdqUpwEVzMSxiFZl9jPhm2hlj92B9g3DNLVtXoY3hIU1/kk8x7OncIO5KmqZQFqGGGEzVOF+4Xok+Gr+fg/8qQzmb8Z2yLxD+0/1eM77pFKJOaDbRgW1rWKcVmMNsOJYcXb2mDIsX41faxNDKgf3ar657y6ELlLd8lo1hFNp7JsRcV3Oj6+4+TfPQpT4a4GeAiJq/V36Iz6cqVKGC01CW22qjg+ssuFOSkHkTo8ZNQgUp6snpx4lKhC9K7dJJhFcUOrBi1/oxv+CpdivuicCDsJOxXXUIX+s1bKiP765HYy7uAeTeFNeVwbKVA4NJSR4tFpMVlbpwa9Q0H0dHPkM0TvcoT4bVQFm3VcHK95zAcIm98Z37WNGNggeAzA+2sqTLNL8wix7kia7d2VhJ6ZpHmx9CA+Bre7+uDk6PuQn47ZVhk4gl9NzqCB8YclpHmVwql4X9oNRBCRqGkKLGohz8rsKo3rrNBg8eTWM25Gz3brl+L+yCKBGB
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR07MB3500.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(186003)(2906002)(38070700005)(6486002)(6512007)(8676002)(2616005)(33656002)(36756003)(85202003)(26005)(71200400001)(53546011)(6506007)(76116006)(6916009)(83380400001)(122000001)(64756008)(4326008)(316002)(66446008)(66574015)(66476007)(966005)(8936002)(85182001)(5660300002)(508600001)(86362001)(66556008)(38100700002)(66946007)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?utf-8?B?dWREOW1qSXRYY1kvbDFoVnRjREpiSmtNVE5BNG1odzlmKzdFR2ZuTEN6eVBy?= =?utf-8?B?RmlqdjZQMDhpbzJFOHlncjdCMUQ2bnR4Q2JHZzYrTWdFdis0c0tESmhqVExZ?= =?utf-8?B?Qno4b2EwU0MzK08rR0VRUVpQZ0NVT0JTQ0grNTBYOUNGL2lZcjZqNFZYSUJv?= =?utf-8?B?Tmt3SEdaUVRSTnl6ZTFYdlJFcTVwMC9kRlJmMmJjOG9JS0R1c2xsekE5djlC?= =?utf-8?B?TTZqcFVobjhBbkxaeitheVgzakF6M3dlZUo0RHo0YkMxQi9DT1VTNnk3NXBC?= =?utf-8?B?ZnhITzdmOXIzNExtTjdiV084NW85NlFLL0FROXkvQ08rbFJGUlRuZHkxc0JY?= =?utf-8?B?WERQbkdUVDd3VFI5K0lGbThsYXFua3VSRGZSQWhaQUZOM3Vxb1Q4L0tqV1JF?= =?utf-8?B?N3FrdTJxMTQzV1FGd3ZPL1hHM3kwMmNUNDJ1cVVPcGx3cGxQemZhb0tPWkRV?= =?utf-8?B?MHB5R1JxRDlMSkFEMWZDVnlRejVTWmRsb0g3SW1OeXJWMXVqUVZ2T3IrRlFy?= =?utf-8?B?a2M0bHVWdHo5eDlzSlYrNW9SdkpJbXpWNHorVVNwSlRHZ2VINVRCVlp2Y2Jv?= =?utf-8?B?Q0Rub3ZpTFVvZXZVN1BYekVoRFlENy9HcUhoSG15TTJRUU1uNWFUUW1LYzZY?= =?utf-8?B?NDJCRUl0dHJjSTVkWmlBMXhKYm4zRDZwYlFvQTV0ZEEvQUwrYXRLQnE3MGQ3?= =?utf-8?B?dDh1cW4veWtqQ0FpVm5UVnA4SE53M1FSQ081ekVqYnR0Zk5hZUtXemt2eVVs?= =?utf-8?B?ZFJuUGpmc3pOK2lTYTRRZFgrKy9FNEN4VFlOS3EyRkJqVXRCNnJGanNFN1ln?= =?utf-8?B?Sk5HM0ZDc2hubURtMy9rRHhoeW5sb3FlUG9nU2srdktyWDRTb2lKcFdmZldm?= =?utf-8?B?VDhiRWg5bFYxSGpjTC9mWUpuMjBzampCNk8reEJIeTJjOHd1bjFmNWd6TVFR?= =?utf-8?B?anZNWm5vZ25jbXI4ZHBTVEdZUklJOWt6dnRYUklIZTJITnZuTlNJbXhSNlBF?= =?utf-8?B?Uld1czhYZHlaV3FKRktPMDRGK1E1WUdjYVJoZHY1VWRHZFBOcHd4TzZmVitJ?= =?utf-8?B?SmFnUUFyQWZHb1pOWWpRMzhXOE50eFg0NEZjU2hxclJxYkxRTi91OUhQYm1M?= =?utf-8?B?ZmlFOFpiMXU0VDZ2Q25hUmVMZS82Qm9uY3cyM1JxQkY3QTJDcWM0OVNrdng0?= =?utf-8?B?Mzc4aEgrRTNHcndlMUlzZ2dpZHg1ZGM1U29Vd3NZaDNyWVR0STZTOW9WZ3ll?= =?utf-8?B?ZU1YaElxLzNaM29FTTBubCtIWEovcVp0UTlzcXlrdUlNN3pOWkY3RXFGeTlX?= =?utf-8?B?Y0RmMzArclBtNlRXWUlJNS80b1cyYzBVSTJmd1gyN2o4blE4OWJ6VnA3TVhl?= =?utf-8?B?bWdLbDhEelhEdUQrY2hlSEt5M1VvZiszcElnN1JCRGwzbTJjRitUQWN6Mnhs?= =?utf-8?B?bFY3b3hoRjgyQTVYOXg4VmJpWThTQ3ljSmRTNUxtQXVPeFNPOGNIaXpOMUo5?= =?utf-8?B?TU9GUElabEw0U280UUZubE1PUEd4TldjRzZCQks3SWx3ODNwd2paelVUajNw?= =?utf-8?B?ekF5ejB1Tlh4aUt2Y3ZYRms4STVJcCs3U1BHa2hHUXE1Yk9FejRZeStxTmhv?= =?utf-8?B?VW5oZWpvcVlmNU12VlY5K0hrZ1dNdWVvOGp5NmFibEVvZ2E4TEZpanNZQ0E2?= =?utf-8?B?QlIvUE55d2VZdDVxanp4dE82WThxY0YxMUdsZFF5YWtaOXlmWXh4ZTFjL0Z5?= =?utf-8?Q?oQp2BDF7KigPE9prFfuYzlJRu94cylSuBHnJ/r9?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_EDFDB6E42BDE4E2E9CF0D771E2DEF3C6ericssoncom_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR07MB3500.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 48608447-0b22-481d-f209-08d95be7849a
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Aug 2021 10:13:36.8876 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: TNHXePmO8aeb0VO11eEB3xLWcUHtP8l6PjUyoxJhk34G/f6gXu4Gw3efMgebzwG04BMb+xoCOQOtBWfs9WL9KJGbzHUN+RPqxDYeO6AVO1w=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0702MB3834
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/__zjhsaBMNBwCmfIjtiUUTcel_I>
Subject: Re: [COSE] Key identifier of type bstr / int
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Aug 2021 10:13:47 -0000

Thanks Laurence, these trade-offs are important to consider. The final message optimization is one of the open issues (#103) on the LAKE github and your comment is good input to that discussion. The background for this is the requirement for the LAKE protocol to perform well in constrained radio settings with small frame sizes where performance may be significantly degraded by exceeding certain limits. For these settings, every byte counts and some bytes just cannot be avoided, like a message authentication code or an ephemeral public key.

Assume that we do want to allow key identifiers to be CBOR ints in certain settings,  what is the best (least intrusive) way to allow this while still maintain compatibility with 'kid's supporting the type bstr? Another alternative to what has been listed below is to define 'kid2' to only be of type int - is that a better option?

Other thoughts?

Göran


From: Laurence Lundblade <lgl@island-resort.com>
Date: Monday, 9 August 2021 at 20:11
To: Göran Selander <goran.selander@ericsson.com>
Cc: "cose@ietf.org" <cose@ietf.org>
Subject: Re: [COSE] Key identifier of type bstr / int

A small comment on code size as the author of a commercial-quality COSE implementation designed to have small code size.

There is a bit of a trade-off between code size and bytes on the wire. Reducing the bytes on the wire by one byte in this case will lead to an increase in code size by a lot more than one byte, assuming both int and bstr are supported. If both are not supported, then there is #ifdef complexity and configuration work with general purpose COSE implementations.

Most of the code cost for me in implementing COSE is in the header parameter decoding.

This desire to save 1 CBOR byte here and there at the cost of code / complexity shows up elsewhere. Here’s one from CoSWID

one-or-more<T> = T / [ 2* T ]

This could just be an array.

I don’t know the use cases, but I’m a little skeptical these sorts of things are worth a byte or two on the wire.

LL




On Jul 30, 2021, at 5:28 AM, Göran Selander <goran.selander=40ericsson.com@dmarc.ietf.org<mailto:goran.selander=40ericsson.com@dmarc.ietf.org>> wrote:

Hi,

In LAKE yesterday we had a discussion on compact key identifiers. The main candidate to use, 'kid', is specified as a CBOR bstr, which is typically at least 2 bytes (exception: empty bstr which is 1 byte). We therefore want to allow keys to be identified with CBOR ints which has 48 1-byte values to allow for a larger number of optimally small identifiers.

One solution would be to define a new COSE key common parameter and COSE header parameter, say 'kid2', of type bstr / int. Another solution would be to extend 'kid' to be bstr / int.

In the former case a 'kid2' can be used to reference keys identified with either 'kid2' or 'kid', but 'kid' would not be able to reference keys identified with 'kid2' having an int value. Not clear to me if that is a problem.

While the LAKE WG did not express any preference, one opinion I learnt after the meeting was a preference of extending 'kid' to bstr / int.

What do folks in COSE think?

I'm familiar with the process of registering new COSE parameters, what is the requirement for changing the value type of an existing registration? Standards action with expert review?

Thanks
Göran


_______________________________________________
COSE mailing list
COSE@ietf.org<mailto:COSE@ietf.org>
https://www.ietf.org/mailman/listinfo/cose

v2.8.7 | Report a Bug | By Email