Re: [Jose-reg-review] Request to register JOSE algorithms for the FIDO Alliance

"Rolf Lindemann" <rlindemann@noknok.com> Fri, 01 June 2018 21:45 UTC

Return-Path: <rlindemann@noknok.com>
X-Original-To: jose-reg-review@ietfa.amsl.com
Delivered-To: jose-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 528A812DA1C for <jose-reg-review@ietfa.amsl.com>; Fri, 1 Jun 2018 14:45:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.99
X-Spam-Level:
X-Spam-Status: No, score=-1.99 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=noknok.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3ttdvmU7gaAf for <jose-reg-review@ietfa.amsl.com>; Fri, 1 Jun 2018 14:45:24 -0700 (PDT)
Received: from mail-qt0-x235.google.com (mail-qt0-x235.google.com [IPv6:2607:f8b0:400d:c0d::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4FFCD12DA4C for <jose-reg-review@ietf.org>; Fri, 1 Jun 2018 14:45:24 -0700 (PDT)
Received: by mail-qt0-x235.google.com with SMTP id e8-v6so33993294qth.0 for <jose-reg-review@ietf.org>; Fri, 01 Jun 2018 14:45:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=noknok.com; s=google; h=reply-to:from:to:cc:references:in-reply-to:subject:date :organization:message-id:mime-version:thread-index:content-language; bh=iLyv8mxC7OdjQc5nsa+bx+SSQWTbw5AhpsUw4EEh6V4=; b=aSXdHtaXUzBLecjHtH0WpGrgA6NJYH3VWIJFUh1H2Jgo6sjhfuLBnkChADTTbmaO39 MlzD1FHI6MKFdy01munoCQ+w1dcVuRFMXV095aTGoW/LJTWQz0jsFB1vsXGYcIuRV1w8 KBYQcs0NlKwrQIXQBEk78m3Ip9tP3+EnSO0o4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:reply-to:from:to:cc:references:in-reply-to :subject:date:organization:message-id:mime-version:thread-index :content-language; bh=iLyv8mxC7OdjQc5nsa+bx+SSQWTbw5AhpsUw4EEh6V4=; b=S1PIn+0k5sWQCeACDv64NW+rPnwa3I/m+CDOW0ufvAyApcZGE2GkNL5NFhKUMO4TFC NU0wp8FFycquJQYqK5Do1w3liiQtR3Ioulp/MYSGQc9McflOLGWOprnNzPHcOaMqb6gZ JxpVWVOuS/wkskH+K1NGMoVA56RKP7wIY6OQ1sQx9bp/Uu8fJlw6D06MgqzTzFeAvNPn 9Fq3IMaBAcW7dcqpVNrnIII7CizqMv+ou5iBI1vrfbYQJ6yOJiLYD/wG8vJ21l34Txnx AnmSXOwa4z0SyvqhzxQZgpQQEM/Sz2VxMYXqOFFkKwBd9b54SKuoRp/I8zv8eQ3wk6aJ /eeQ==
X-Gm-Message-State: APt69E0vwnlX+06BkON1Uo070Z/GlE7m+GUcDDNmtis55oEb5TNj8bQZ eBwDpdCG75ZZBcDvL6alafHd
X-Google-Smtp-Source: ADUXVKIJDjYwRgtbbftdf+/dT2M6KMj1jyHSxyWYEJjmPB/UZmlSbFTfx/0OQSWO7/f8J1eUe9CDmQ==
X-Received: by 2002:a0c:f64d:: with SMTP id s13-v6mr12307908qvm.105.1527889523251; Fri, 01 Jun 2018 14:45:23 -0700 (PDT)
Received: from Myra ([216.9.109.60]) by smtp.gmail.com with ESMTPSA id e96-v6sm18444250qtb.69.2018.06.01.14.45.19 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 01 Jun 2018 14:45:22 -0700 (PDT)
Reply-To: <rolf@noknok.com>
From: "Rolf Lindemann" <rlindemann@noknok.com>
To: "'Jim Schaad'" <ietf@augustcellars.com>, <rolf@noknok.com>, <jose-reg-review@ietf.org>
Cc: <jca@zurich.ibm.com>, <mbj@microsoft.com>, "'Hodges, Jeff'" <jeff.hodges@paypal.com>
References: <0ab801d3f9ce$40d7cca0$c28765e0$@noknok.com> <00b601d3f9e6$a3928840$eab798c0$@augustcellars.com>
In-Reply-To: <00b601d3f9e6$a3928840$eab798c0$@augustcellars.com>
Date: Fri, 1 Jun 2018 23:45:20 +0200
Organization: Nok Nok Labs
Message-ID: <0b9501d3f9f1$d8aa7280$89ff5780$@noknok.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0B96_01D3FA02.9C395D00"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQGeHCvjivkU/KJfI12hng9o59W1hwHTHdwipKkSKvA=
Content-Language: de
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose-reg-review/ssKmNJogakmt3BOyzgD0S5yBd0Y>
Subject: Re: [Jose-reg-review] Request to register JOSE algorithms for the FIDO Alliance
X-BeenThere: jose-reg-review@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "The JSON Web Algorithm standard \(RFC 7518\) establishes this email list for designated experts to discuss proposed changes, additions, and removals to the set of algorithms in the JSON Object Signing and Encryption \(JOSE\) registry, http://www.iana.org/assignments/jose." <jose-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose-reg-review>, <mailto:jose-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose-reg-review/>
List-Post: <mailto:jose-reg-review@ietf.org>
List-Help: <mailto:jose-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose-reg-review>, <mailto:jose-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Jun 2018 21:45:27 -0000

Please see https://eprint.iacr.org/2015/1246 for that.

 

That is the reference included in the IANA considerations section of the
document (see
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#iana-considerations>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#iana-considerations)

 

Von: Jim Schaad [mailto:ietf@augustcellars.com] 
Gesendet: Freitag, 1. Juni 2018 22:25
An: rolf@noknok.com; jose-reg-review@ietf.org
Cc: jca@zurich.ibm.com; mbj@microsoft.com; 'Hodges, Jeff'
Betreff: RE: [Jose-reg-review] Request to register JOSE algorithms for the
FIDO Alliance

 

Are there any crypto analysis papers that I can peruse in case I am
interested?

 

From: Jose-reg-review <jose-reg-review-bounces@ietf.org>; On Behalf Of Rolf
Lindemann
Sent: Friday, June 1, 2018 10:31 AM
To: jose-reg-review@ietf.org
Cc: jca@zurich.ibm.com; mbj@microsoft.com; 'Hodges, Jeff'
<jeff.hodges@paypal.com>;
Subject: [Jose-reg-review] Request to register JOSE algorithms for the FIDO
Alliance

 

Hi,

 

The FIDO Alliance would like to register the following algorithms in the
IANA "JSON Web Signature and Encryption Algorithms" registry:

1. "ED256", see
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#iana-considerations>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#iana-considerations

2. "ED512", see
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#iana-considerations>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#iana-considerations

3. "ED638", see
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#iana-considerations>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#iana-considerations

4. "ED256-2", 

    - Name "ED256-2"

    - Algorithm Description: ECDAA algorithm based on ECC_BN_DSD_P256 (
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#bib-DevScoDah2007>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#bib-DevScoDah2007) curve using SHA256 algorithm.

    - Algorithm Usage Locations: "alg", i.e. used with JWS.

    - JOSE Implementation Requirements: optional

    - Change Controller: FIDO Alliance,  <https://fidoalliance.org/contact/>
https://fidoalliance.org/contact/ 

    - Sections 3. FIDO ECDAA Attestation (
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#fido-ecdaa-attestation>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#fido-ecdaa-attestation) and 4. FIDO ECDAA Object Formats
and Algorithm Details (
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#fido-ecdaa-object-formats-and-algorithm-details>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#fido-ecdaa-object-formats-and-algorithm-details) of
[FIDOEcdaaAlgorithm].

    - Algorithm Analysis Document(s):
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#bib-FIDO-DAA-Security-Proof>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#bib-FIDO-DAA-Security-Proof 

("ED256-2" should have also been in the IANA Considerations section but
isn't due to a clerical error.)

 

These names are related to cryptographic algorithms for Direct Anonymous
Attestation.  The relevant details are described in
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#iana-considerations>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#iana-considerations. 

The algorithms were developed by Jan Camenisch of IBM (cc'ed) - a
cryptographic expert.  They are in production use in FIDO deployments.

 

Kind regards,

     Rolf Lindemann