IETF Logo Mail Archive

Re: [jose] Draft describing encrypting JWK key representations, with JWE

Richard Barnes <rlb@ipv.sx> Fri, 15 March 2013 16:43 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53AEE21F86DE for <jose@ietfa.amsl.com>; Fri, 15 Mar 2013 09:43:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.435
X-Spam-Level:
X-Spam-Status: No, score=-0.435 tagged_above=-999 required=5 tests=[AWL=-0.010, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QXwAyPjsb89C for <jose@ietfa.amsl.com>; Fri, 15 Mar 2013 09:43:17 -0700 (PDT)
Received: from mail-ob0-x22f.google.com (mail-ob0-x22f.google.com [IPv6:2607:f8b0:4003:c01::22f]) by ietfa.amsl.com (Postfix) with ESMTP id EA97A21F8881 for <jose@ietf.org>; Fri, 15 Mar 2013 09:43:15 -0700 (PDT)
Received: by mail-ob0-f175.google.com with SMTP id uz6so3396510obc.20 for <jose@ietf.org>; Fri, 15 Mar 2013 09:43:14 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:x-originating-ip:in-reply-to:references :date:message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=GNyai0NY0ud8mJSWozwZJkyGPhLhn3SEduTa9Bs/FD8=; b=aIKvrKDbH8ebT1ZX6CtDBuBeKc0qQqVc90FcZZLAHxlT3qrawDZNrfNQcmg4SmNPW0 KmPD7xPapI52RxFqY8sQbKOYq0R9RLQ3tYUswEpIGMTLf199OPS4RT1/k8v3S0o3XyK2 0UnPW1tiAP33hfG6LVL6Uq3gRkvu7nEwXZLER4N7OQnWp1VAEtHqqYrx3Y7V5yJmWBDq gzpULkYGmbx0L5GNvaDTlUzGmKx6ja6R56uEE/FQ4VoP0Xo8otYJvf3QCTnFOQQ2Dmwm jT53ouqgjm1F+kEuz+Bn9Tg23pYu8LzDtZNwvWK0dLg6TigpyZEXZtfzMsIWh1o2gvAR sI3A==
MIME-Version: 1.0
X-Received: by 10.60.9.1 with SMTP id v1mr3097159oea.130.1363365794408; Fri, 15 Mar 2013 09:43:14 -0700 (PDT)
Received: by 10.60.40.233 with HTTP; Fri, 15 Mar 2013 09:43:14 -0700 (PDT)
X-Originating-IP: [128.89.254.149]
In-Reply-To: <4E1F6AAD24975D4BA5B168042967394367526568@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <mailman.4019.1363356696.3432.cfrg@irtf.org> <51433B12.1020703@gmail.com> <4E1F6AAD24975D4BA5B168042967394367526568@TK5EX14MBXC284.redmond.corp.microsoft.com>
Date: Fri, 15 Mar 2013 12:43:14 -0400
Message-ID: <CAL02cgQ8=yKwArwvR228Z=xi0N3U6yvoOHt6M-3EuCD_HYkyww@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Mike Jones <Michael.Jones@microsoft.com>
Content-Type: multipart/alternative; boundary="e89a8fb20318e0001104d7f95560"
X-Gm-Message-State: ALoCoQm33H2TDVPRYy0Q3rEhw2POloBoasK/4JgY/wQ0fbff5j0paqf3MLrIJm1DIyANx8g4GvWP
Cc: Yaron Sheffer <yaronf.ietf@gmail.com>, "cfrg@irtf.org" <cfrg@irtf.org>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Draft describing encrypting JWK key representations, with JWE
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Mar 2013 16:43:18 -0000

So, Mike, would you be OK with adding PBE to JWE / JWA, as a new key
wrapping algorithm?

--Richard



On Fri, Mar 15, 2013 at 12:14 PM, Mike Jones <Michael.Jones@microsoft.com>wrote:

> [Adding JOSE mailing list to the thread]
>
> For clarification, PBKDF2 is not the only algorithm that could be used to
> wrap keys in this scheme.  This draft *adds* PBKDF2 to the set of
> algorithms already specified for use with encryption in the JSON Web
> Algorithms (JWA) specification (
> http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-08).  In
> particular, other algorithms such as AES Key Wrap and AES GCM are also
> present there.
>
> I'll let others who are experts in PBKDF2 and password-based encryption
> respond to Yaron's specific comment.
>
>                                 -- Mike
>
> -----Original Message-----
> From: Yaron Sheffer [mailto:yaronf.ietf@gmail.com]
> Sent: Friday, March 15, 2013 8:16 AM
> To: cfrg@irtf.org; Mike Jones
> Subject: Re: Draft describing encrypting JWK key representations, with JWE
>
> Hi Mike,
>
> I'm probably missing something, but I'm worried about the security of this
> scheme (though I do appreciate the usability/convenience of passwords).
>
> PBKDF2 is meant to make dictionary attacks on stored passwords harder, as
> a second line defense, once the server has been breached. Using it to
> encrypt data and then sending the data on the wire, makes the data
> vulnerable to this same dictionary attack (in this case the effort comes to
> the space of all possible passwords - say 1 million - times 1000).
> Moreover, this also puts the password itself in danger.
>
> Thanks,
>         Yaron
>
> >
> > ------------------------------
> >
> > Message: 5
> > Date: Fri, 15 Mar 2013 14:10:32 +0000
> > From: Mike Jones <Michael.Jones@microsoft.com>
> > To: "cfrg@irtf.org" <cfrg@irtf.org>
> > Subject: [Cfrg] Draft describing encrypting JWK key representations
> >       with JWE
> > Message-ID:
> >
> > <4E1F6AAD24975D4BA5B168042967394367522C60@TK5EX14MBXC284.redmond.corp.
> > microsoft.com>
> >
> > Content-Type: text/plain; charset="us-ascii"
> >
> > http://tools.ietf.org/html/draft-miller-jose-jwe-protected-jwk-01
> >
> > This also adds password-based encryption to the algorithm registry.
> >
> >                                                              -- Mike
> >
> > -------------- next part -------------- An HTML attachment was
> > scrubbed...
> > URL:
> > <http://www.irtf.org/mail-archive/web/cfrg/attachments/20130315/02e36b
> > 24/attachment.htm>
> >
> > ------------------------------
> >
> > _______________________________________________
> > Cfrg mailing list
> > Cfrg@irtf.org
> > http://www.irtf.org/mailman/listinfo/cfrg
> >
> >
> > End of Cfrg Digest, Vol 95, Issue 3
> > ***********************************
> >
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>

v2.23.0 | Report a Bug | By Email