[jose] #4: Impossible to separate wrapped key from encrypted data

"jose issue tracker" <trac+jose@trac.tools.ietf.org> Fri, 18 January 2013 23:24 UTC

Return-Path: <trac+jose@trac.tools.ietf.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id B82EF21F8713 for <jose@ietfa.amsl.com>; Fri, 18 Jan 2013 15:24:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id OWoGT-Ej1P2p for <jose@ietfa.amsl.com>; Fri, 18 Jan 2013 15:24:04 -0800 (PST)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id 28BB221F8698 for <jose@ietf.org>; Fri, 18 Jan 2013 15:24:04 -0800 (PST)
Received: from localhost ([]:39101 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+jose@trac.tools.ietf.org>) id 1TwLHv-0006rQ-Ob; Sat, 19 Jan 2013 00:23:55 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: "jose issue tracker" <trac+jose@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-jose-json-web-encryption@tools.ietf.org, rbarnes@bbn.com
X-Trac-Project: jose
Date: Fri, 18 Jan 2013 23:23:55 -0000
X-URL: http://tools.ietf.org/jose/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/jose/trac/ticket/4
Message-ID: <054.24cd2b074db2dc2bbbcb828a8456fbe9@trac.tools.ietf.org>
X-Trac-Ticket-ID: 4
X-SA-Exim-Rcpt-To: draft-ietf-jose-json-web-encryption@tools.ietf.org, rbarnes@bbn.com, jose@ietf.org
X-SA-Exim-Mail-From: trac+jose@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: ekr@rtfm.com, jhildebr@cisco.com, mbj@microsoft.com
Resent-Message-Id: <20130118232404.28BB221F8698@ietfa.amsl.com>
Resent-Date: Fri, 18 Jan 2013 15:24:04 -0800 (PST)
Resent-From: trac+jose@trac.tools.ietf.org
X-Mailman-Approved-At: Fri, 18 Jan 2013 15:43:29 -0800
Cc: jose@ietf.org
Subject: [jose] #4: Impossible to separate wrapped key from encrypted data
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jan 2013 23:24:04 -0000

#4: Impossible to separate wrapped key from encrypted data

 Because the integrity check includes the wrapped key, all header
 parameters must be repeated for each recipient.  It is not possible to
 send ciphertext, then deliver wrapped keys (as in the XMPP use case),
 because the ciphertext must be different for each recipient (because the
 ICV is different).  In addition, in these asynchronous use cases, the
 sender must cache the plaintext of the message, rather than just the key
 (for wrapping to new recipients).  There has been no demonstrated security
 benefit to offset the added cost and risk.

 Reporter:               |      Owner:  draft-ietf-jose-json-web-
  rbarnes@bbn.com        |  encryption@tools.ietf.org
     Type:  defect       |     Status:  new
 Priority:  major        |  Milestone:
Component:  json-web-    |    Version:
  encryption             |   Keywords:
 Severity:  Active WG    |
  Document               |

Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/4>
jose <http://tools.ietf.org/jose/>