Re: [jose] 192 bit AES keys

Richard Barnes <rlb@ipv.sx> Fri, 19 July 2013 17:14 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85F5E11E814E for <jose@ietfa.amsl.com>; Fri, 19 Jul 2013 10:14:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.076
X-Spam-Level:
X-Spam-Status: No, score=-3.076 tagged_above=-999 required=5 tests=[AWL=-0.100, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p3kRmpRDr+lW for <jose@ietfa.amsl.com>; Fri, 19 Jul 2013 10:14:02 -0700 (PDT)
Received: from mail-oa0-f45.google.com (mail-oa0-f45.google.com [209.85.219.45]) by ietfa.amsl.com (Postfix) with ESMTP id 5595911E80FD for <jose@ietf.org>; Fri, 19 Jul 2013 10:14:02 -0700 (PDT)
Received: by mail-oa0-f45.google.com with SMTP id j1so6381978oag.18 for <jose@ietf.org>; Fri, 19 Jul 2013 10:14:01 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=HOIqz8ecQUG4RiCFPktfGs+YHadBMk0VgK1u/DBxJDw=; b=KslQ0IO7xJUPPD89tAm9htNToZLZGZBnVnrRaHYG/jwCqcntg5HpH1ct0hc1fCiEAk Q1lJS5yNMsDlMhGB6ejRI2+4kTQ07d6JClcOHFK9xOjnxqvkLJc+t6q9iLfIj84sMWFY oymQ8qoKPa1XCQMLh7LKcirdpl0Xc/fLzBMXYo2ix6ZQ1DNI/idTMW9HULJJ3zzRGEAf Cs5t7AJxvNd3b28PUJxwzuWtn9ckTg1qa+i96NDqLc6Gb9DLf3EvEjpWrjDuR9Lrwxv6 zXg8d5Fk0UHyKL6jzUVc5Mws1EHV/AEv9Nsv/5JFb+CizzUtRE5KtsvTq3wwVovM7m8R NSzA==
MIME-Version: 1.0
X-Received: by 10.182.105.99 with SMTP id gl3mr13093976obb.94.1374254041796; Fri, 19 Jul 2013 10:14:01 -0700 (PDT)
Received: by 10.60.26.135 with HTTP; Fri, 19 Jul 2013 10:14:01 -0700 (PDT)
X-Originating-IP: [192.1.51.54]
In-Reply-To: <038401ce84a2$f670a970$e351fc50$@augustcellars.com>
References: <4E1F6AAD24975D4BA5B16804296739436B6EC698@TK5EX14MBXC284.redmond.corp.microsoft.com> <5CC365A3-7A21-40B3-B5A1-044E4B82D221@ve7jtb.com> <CAL02cgQH5czkGRn2daZh71Jci5oKFBoOfTzOfmHVD-Tah0g-sw@mail.gmail.com> <038401ce84a2$f670a970$e351fc50$@augustcellars.com>
Date: Fri, 19 Jul 2013 13:14:01 -0400
Message-ID: <CAL02cgSdEMgXNzu3OSctTLmAcK5N9VUjEC9UtiNwE0zsFr7wUg@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Jim Schaad <ietf@augustcellars.com>
Content-Type: multipart/alternative; boundary=e89a8ff2545cfe254e04e1e073e4
X-Gm-Message-State: ALoCoQkRFBLhOMWKdfvaaWLsKu3giDswSVDaobfiykktR8WObMsxflEVkJbqniPtI+oYdg4zCqUV
Cc: John Bradley <ve7jtb@ve7jtb.com>, Mike Jones <Michael.Jones@microsoft.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] 192 bit AES keys
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jul 2013 17:14:07 -0000

Ok, fine.  :)

I can buy that it needs to be there for key derivation in the combined
cases (e.g., ECDH-ES+A128GCM).  The need to specify key length at
generation time is not a JOSE issue.


On Fri, Jul 19, 2013 at 1:11 PM, Jim Schaad <ietf@augustcellars.com> wrote:

> We need to keep key lengths in algorithm ids for the purpose of key
> derivation.  Additionally there would need to be some way to signal the key
> length to the system when doing key generation****
>
> ** **
>
> i.e. you would need to change****
>
> jose.SetCEKAlgorithm(“AES128”) to****
>
> jose.SetCEKAlgoirthm(“AES”, 128)****
>
> ** **
>
> jim****
>
> ** **
>
> ** **
>
> *From:* jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] *On Behalf
> Of *Richard Barnes
> *Sent:* Friday, July 19, 2013 9:47 AM
> *To:* John Bradley
> *Cc:* Mike Jones; jose@ietf.org
> *Subject:* Re: [jose] 192 bit AES keys****
>
> ** **
>
> Or we could just remove the key lengths from the algorithm IDs altogether
> ;)  They really don't add any value.****
>
> ** **
>
> On Thu, Jul 18, 2013 at 6:17 PM, John Bradley <ve7jtb@ve7jtb.com> wrote:**
> **
>
> I am OK with registering the 192 bit versions.
>
> Sent from my iPhone****
>
>
> On Jul 18, 2013, at 5:17 PM, Mike Jones <Michael.Jones@microsoft.com>
> wrote:****
>
> Richard had previously requested that we register algorithm identifiers
> for AES using 192 bit keys.  As he previously pointed out, “It seems like
> if we're going to support AES, then we should support AES.  Every AES
> library I know of supports all three key lengths, so it's not like there's
> extra cost besides the registry entry.”  (I’ll note that we already have
> algorithm identifiers for the “mid-size” HMAC and signature functions
> “HS384”, “RS384”, and “ES384”.)****
>
>  ****
>
> I heard no objections at the time.  I’m therefore thinking that we should
> register algorithm identifiers for these key sizes as well.  Specifically,
> we would add:****
>
> “A192KW”, “ECDH-ES+A192KW”, “A192GCMKW”, “PBES2-HS256+A192KW”,
> “A192CBC-HS384”, and “A192GCM”.  Support for these algorithms would be
> optional.****
>
>  ****
>
> What do people think?****
>
>  ****
>
>                                                             -- Mike****
>
>  ****
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose****
>
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose****
>
> ** **
>