Re: [jose] [COSE] Fwd: New Version Notification for draft-reddy-cose-jose-pqc-kem-00.txt
Ilari Liusvaara <ilariliusvaara@welho.com> Wed, 06 March 2024 14:19 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E171C14F5FA; Wed, 6 Mar 2024 06:19:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.906
X-Spam-Level:
X-Spam-Status: No, score=-6.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xwnqcsynHBI1; Wed, 6 Mar 2024 06:19:50 -0800 (PST)
Received: from welho-filter4.welho.com (welho-filter4b.welho.com [83.102.41.30]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0AA6FC14F5F4; Wed, 6 Mar 2024 06:19:48 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by welho-filter4.welho.com (Postfix) with ESMTP id D14536887F; Wed, 6 Mar 2024 16:19:45 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp1.welho.com ([IPv6:::ffff:83.102.41.84]) by localhost (welho-filter4.welho.com [::ffff:83.102.41.26]) (amavisd-new, port 10024) with ESMTP id RBz5KKtH1dcV; Wed, 6 Mar 2024 16:19:45 +0200 (EET)
Received: from LK-Perkele-VII2 (78-27-96-203.bb.dnainternet.fi [78.27.96.203]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp1.welho.com (Postfix) with ESMTPSA id 862907A; Wed, 6 Mar 2024 16:19:43 +0200 (EET)
Date: Wed, 06 Mar 2024 16:19:43 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: cose <cose@ietf.org>, JOSE WG <jose@ietf.org>
Message-ID: <Zeh7f_RnEhSQey3w@LK-Perkele-VII2.locald>
References: <170944215832.65165.15558599263256086018@ietfa.amsl.com> <CAFpG3gdGiw2wap8C1H+AOWvEn1ewSjmtBmghKKAvNBmXnDmoYg@mail.gmail.com> <CAN8C-_KZifohssn3WoZa6Qn3QMeh0YMya6c8RGa1ZieWgRY9=A@mail.gmail.com> <CAFWvErUpD+p5enboksM1QiPq1ixJnRMi2NM4oyu+_8XQo_f++Q@mail.gmail.com> <F60D40C8-1870-4485-9EDC-F906AF4A60F2@gmail.com> <CAFpG3gdxu7L4nwrTdKhLHKEJ3qciWV2A+xXPwHieH5DMtj+vjw@mail.gmail.com> <ZegskkAfMziZfEur@LK-Perkele-VII2.locald> <CAFpG3gczXHm9sPvX6LAcMHdKCcMn0QBoR=XTyz+wbWZLwin5CQ@mail.gmail.com> <CFD846C5-C599-4CF6-95A2-342493050500@gmail.com> <CAFpG3gd9pP7MtJWmX_k5tTSEmDK9KoBiZxWByatYBCeTR=_n4g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <CAFpG3gd9pP7MtJWmX_k5tTSEmDK9KoBiZxWByatYBCeTR=_n4g@mail.gmail.com>
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/uvVQsjZ2oEJfbMDRseSOyF_Ce1Y>
Subject: Re: [jose] [COSE] Fwd: New Version Notification for draft-reddy-cose-jose-pqc-kem-00.txt
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Mar 2024 14:19:51 -0000
On Wed, Mar 06, 2024 at 05:21:02PM +0530, tirumal reddy wrote: > > HPKE already specifies the combination of KEM, KDF, and AEAD. The need for > specifying the AEAD is two-fold: to restrict the number of combinations and > to address the threat to symmetric cryptography from quantum computers (see > https://www.ietf.org/archive/id/draft-ietf-pquip-pqc-engineers-03.html#section-7.1 > for details). HPKE does that because it also does bulk encryption. Direct Key Agreement does not use AEAD anywhere. And JWE fundamentally assumes that any supported alg and enc can be combined. Then draft-ietf-jose-fully-specified-algorithms-02 makes that an explicit requirement on any alg/enc registration, with no exceptions. And COSE fundamentally assumes similar things, being based on composition of algorithms in any way that makes sense[1]. The reason both do that is that coupling the two would make complexity absolutely explode. [1] E.g., have Direct Key Agreement drive Key Wrap drive bulk encryption (can't do that in JWE). And why not mix-and-match that with Key Wrap or Key Transport? Or whatever HPKE is. -Ilari
- [jose] Fwd: New Version Notification for draft-re… tirumal reddy
- Re: [jose] Fwd: New Version Notification for draf… Orie Steele
- Re: [jose] [COSE] Fwd: New Version Notification f… AJITOMI Daisuke
- Re: [jose] [COSE] Fwd: New Version Notification f… Neil Madden
- Re: [jose] Fwd: New Version Notification for draf… Ilari Liusvaara
- Re: [jose] [COSE] Fwd: New Version Notification f… Ilari Liusvaara
- Re: [jose] Fwd: New Version Notification for draf… tirumal reddy
- Re: [jose] [COSE] Fwd: New Version Notification f… tirumal reddy
- Re: [jose] [COSE] Fwd: New Version Notification f… tirumal reddy
- Re: [jose] [COSE] Fwd: New Version Notification f… Ilari Liusvaara
- Re: [jose] [COSE] Fwd: New Version Notification f… tirumal reddy
- Re: [jose] [COSE] Fwd: New Version Notification f… Ilari Liusvaara
- Re: [jose] [COSE] Fwd: New Version Notification f… tirumal reddy
- Re: [jose] [COSE] Fwd: New Version Notification f… Ilari Liusvaara
- Re: [jose] [COSE] Fwd: New Version Notification f… Neil Madden
- Re: [jose] [COSE] Fwd: New Version Notification f… tirumal reddy
- Re: [jose] [COSE] Fwd: New Version Notification f… tirumal reddy
- Re: [jose] [COSE] Fwd: New Version Notification f… Neil Madden
- Re: [jose] [COSE] Fwd: New Version Notification f… Ilari Liusvaara
- Re: [jose] [COSE] Fwd: New Version Notification f… tirumal reddy