IETF Logo Mail Archive

Re: [COSE] RAM requirements for COSE/CWT

Carsten Bormann <cabo@tzi.org> Mon, 21 February 2022 07:04 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFEE03A087D; Sun, 20 Feb 2022 23:04:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.899
X-Spam-Level:
X-Spam-Status: No, score=-6.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 38u__OhRiTMc; Sun, 20 Feb 2022 23:03:56 -0800 (PST)
Received: from gabriel-smtp.zfn.uni-bremen.de (gabriel-smtp.zfn.uni-bremen.de [IPv6:2001:638:708:32::15]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E36B13A0881; Sun, 20 Feb 2022 23:03:53 -0800 (PST)
Received: from smtpclient.apple (p5089ad4f.dip0.t-ipconnect.de [80.137.173.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4K2CvS5f9HzDCcW; Mon, 21 Feb 2022 08:03:48 +0100 (CET)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.60.0.1.1\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <e8995f0c-ad85-f702-da6b-051ffdc4cb08@gmail.com>
Date: Mon, 21 Feb 2022 08:03:48 +0100
Cc: "rats@ietf.org" <rats@ietf.org>, "cose@ietf.org" <cose@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <B2FD3016-6EBB-44A0-BCF8-6C473D624371@tzi.org>
References: <e8995f0c-ad85-f702-da6b-051ffdc4cb08@gmail.com>
To: Anders Rundgren <anders.rundgren.net@gmail.com>
X-Mailer: Apple Mail (2.3693.60.0.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/z5Z8-Kk5UALyl78dlj3kE_IHWbg>
Subject: Re: [COSE] RAM requirements for COSE/CWT
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Feb 2022 07:04:02 -0000

Hi Anders,

> On 21. Feb 2022, at 07:17, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
> 
> Pardon the cross-posting...
> 
> A pretty strange subject line, right? :)
> 
> However, there is a reality in the form of constrained devices that in order to use COSE must either turn to yucky infinite-length encoding

Indefinite-length encoding (infinite-length encoding would be much harder :-).
No, it’s not yucky; it is there so you can use it if you need it.

> (https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11#section-8.3.1) or create the entire payload in RAM, here assuming that the exact size of the payload in bytes is not known in advance.

To sign something you need to reify the signing input.  I don’t know why you think COSE is different here.
I’m not sure what you mean by "create the entire payload in RAM” — if you mean “at once” that is not the case.

> X.509 certificates (that were created in a time when virtually all devices were constrained) do not suffer from these problems due to their reliance on deterministic encoding, followed by a separate signature item.   A further advantage of the X.509 approach compared to COSE/CWT, is that the claims are not stuffed in a blob requiring yet another layer of decoding.  However, compared to ASN.1, CBOR is much more "RAM-friendly" since it doesn't impose a byte-length over items enclosed in a map or array.  Concatenation is all you need!

ASN.1 BER and CBOR have in common that a head precedes the data items controlled by this head.
Both have definite-length and indefinite-length encoding variants.
In definite-length BER (as used in DER), you need to know the lengths in bytes, so you need complex multi-pass strategies or back patching.
In CBOR you don’t need a length in bytes (except for strings); but for CBOR’s definite length encoding you still need the to know the number of enclosed items at the time of generating the head.

> I believe the time has come to seriously look into alternatives to COSE since it was "inspired" by JOSE.   CBOR <<>> JSON.

COSE was inspired by JOSE, but it avoids most of JOSE’s disadvantages.
Either because CBOR already trivially solves them, or by conscious design based on what we learned from the JOSE experience.

Grüße, Carsten

v2.8.7 | Report a Bug | By Email