Re: [jose] PBES2-HS256+A128KW: where do salt and iteration count go?

"Matt Miller (mamille2)" <mamille2@cisco.com> Wed, 17 July 2013 01:51 UTC

From: "Matt Miller (mamille2)" <mamille2@cisco.com>
To: "Manger, James H" <James.H.Manger@team.telstra.com>
Cc: Richard Barnes <rlb@ipv.sx>, Mike Jones <Michael.Jones@microsoft.com>, "jose@ietf.org" <jose@ietf.org>

I think the basic concept is fine, but I would rather not add any more human-facing fields.  It has too much potential to open the Pandora's box that is localization and internationalization.  Hint is something one human enters directly (I assume), so said human could communicate it to other humans.

I do understand your concerns with "password" (or "pwd" to continue our exuberant use of three-letter fields), but that seems like a more general issue to discuss.


- m&m

Matt Miller <mamille2@cisco.com>
Cisco Systems, Inc.

On Jul 16, 2013, at 6:08 PM, "Manger, James H" <James.H.Manger@team.telstra.com> wrote:

> "kty":"PBKDF2" feels unnecessary, though "kty":"password" would be useful. A key set could have an entry like the following:
> 
> {
>   "kty":"password",
>   "alg":"PBES2-HS256+A128KW",
>   "c-min":2000,
>   "prompt":"Payment approval PIN",
>   "hint":"last 4 digits of \u03C0"
> }
> 
> The entry could also have a "password" field holding the actual password.
> Mind you, I think mixing public (eg kty, alg) and sensitive (eg hint, password) fields side-by-side in a JSON object is a design guaranteed to lead to security breaches from poor handling.
> 
> --
> James Manger
> 
> From: Richard Barnes [mailto:rlb@ipv.sx]
> Sent: Wednesday, 17 July 2013 9:37 AM
> To: Mike Jones
> Cc: Matt Miller (mamille2); Manger, James H; jose@ietf.org
> Subject: Re: [jose] PBES2-HS256+A128KW: where do salt and iteration count go?
> 
> I was thinking that the "jwk" would be unnecessary.  We could have "hint" at the top level, or just use "kid" for that purpose.
> 
> --Richard
> 
> On Tue, Jul 16, 2013 at 7:30 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
> If we move "s" and "c" to being header parameters from the JWK, would we still need the JWK with "kty":"PBKDF2"?  All that would be left would be the "hint" JWK parameter.
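
Added example, not part of the original thread or of any JOSE draft: a recipient-side Python sketch of the design under discussion, with "s" and "c" read from the header, the "c-min" floor from the quoted key-set entry enforced before PBKDF2-HMAC-SHA256 runs, and the sensitive fields stripped from an entry before it is logged or shared. The upper bound on "c", the minimum salt length, the sample values, the helper names and the direct use of the decoded salt are assumptions.

```python
import base64
import hashlib

ALG = "PBES2-HS256+A128KW"
KEK_LEN = 16        # A128KW takes a 128-bit key-encryption key
C_MIN = 2000        # the "c-min" value from the quoted key-set entry
C_MAX = 1_000_000   # assumed ceiling: "c" is sender-controlled, so cap the work
MIN_SALT = 8        # assumed minimum salt length in bytes
SECRET_FIELDS = {"password", "hint"}  # fields the thread calls sensitive

# Constructed sample data, not taken from any real message.
SAMPLE_HEADER = {"alg": ALG, "s": "AAECAwQFBgcICQoLDA0ODw", "c": 4096}
SAMPLE_ENTRY = {"kty": "password", "alg": ALG, "c-min": 2000,
                "prompt": "Payment approval PIN",
                "hint": "last 4 digits of \u03c0", "password": "example-only"}


def b64url_decode(text):
    """Decode unpadded base64url."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def public_view(entry):
    """Return a copy of a key-set entry with the sensitive fields removed."""
    return {k: v for k, v in entry.items() if k not in SECRET_FIELDS}


def derive_kek(header, password):
    """Derive the key-wrapping key from "s" and "c" carried in the header."""
    if header.get("alg") != ALG:
        raise ValueError("unexpected alg")
    count, salt_text = header.get("c"), header.get("s")
    if type(count) is not int or not C_MIN <= count <= C_MAX:
        raise ValueError("iteration count outside accepted range")
    if not isinstance(salt_text, str):
        raise ValueError("missing salt")
    salt = b64url_decode(salt_text)
    if len(salt) < MIN_SALT:
        raise ValueError("salt too short")
    # Assumption: the decoded salt is fed to PBKDF2 unchanged.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, count, KEK_LEN)


if __name__ == "__main__":
    print(derive_kek(SAMPLE_HEADER, "constructed passphrase").hex())
    print(public_view(SAMPLE_ENTRY))
```

Checking "c" against both a floor and a ceiling before deriving matters because the value arrives in an unauthenticated header: too low weakens the password, too high lets a sender burn the recipient's CPU.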