Re: [OAUTH-WG] ECDH-1PU encryption algorithm
Dave Tonge <dave.tonge@momentumft.co.uk> Mon, 10 August 2020 06:18 UTC
Return-Path: <dave.tonge@moneyhub.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C37B3A13FF for <oauth@ietfa.amsl.com>; Sun, 9 Aug 2020 23:18:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.987
X-Spam-Level:
X-Spam-Status: No, score=-1.987 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=momentumft.co.uk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RgOH-RefByXa for <oauth@ietfa.amsl.com>; Sun, 9 Aug 2020 23:17:59 -0700 (PDT)
Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C3A23A0433 for <oauth@ietf.org>; Sun, 9 Aug 2020 23:17:59 -0700 (PDT)
Received: by mail-pg1-x52b.google.com with SMTP id x6so4265969pgx.12 for <oauth@ietf.org>; Sun, 09 Aug 2020 23:17:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=momentumft.co.uk; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2CRrRMGAliyaneg0T9FkHraZuJpx1WtKGq6YOshDLN8=; b=X1o1axOROX9bEa2baZ3fDSuqcBvbmfC0k5+au92RqJJNLStT3iNiV9EbxZu/Pr+a// zNyF40hwxv4sNnNfP3YI6GuVSeqaIyGM1qFL7xy2IJh024cmHwldankuDNg5rndoakK7 bMn0jOZJ9eEJQuAhcqKP0n667Ep9mEaH7Nooo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2CRrRMGAliyaneg0T9FkHraZuJpx1WtKGq6YOshDLN8=; b=k/2kzyiZK6asvW/rB0oZMsGTchWNaeNR4KLUvDsn6Ovy7O5kxr40HHBWvUDqeJraK/ AmoTe+jpjs/r2GXpPkb/HEXEkRSX6Al0f/kphCXNVn55BMeYy9LtQO9f19RNooXzkLGk YfZcpq2Zxhydz1TmouPmmJVj/FM88JvTPce8924FqaYMFz9zTdxV8h+DUXJu4IGR7mwe im+J+GJG3RZt9jXyYKwDNdrIm5DHdgZJR7Wo+IviaAoaQ1RN53N8/HhxAKrN8mp2mQ5T tbUT1nZsE2q9A2yyLukyRBEluIYlPn0AxyeAhawrAjFiUtIJRyutyURqaDeO+WV43GB0 di6A==
X-Gm-Message-State: AOAM530/pfMthTbQKtU8CayCcP6L8xH+9x6TlhrMzvc0SCT21X0bHWHg bMd7MGT7TYsVv+TRrVxj29iwi7y+buNeYn2K3Ll5Cn3PUYhj3o24XDm5Ww6Js6cbOj0g/1LPQgZ mqD8C8N60blIzLnyThi9eSw==
X-Google-Smtp-Source: ABdhPJwget8VThC+e9gyFqHA2JLujHmltQVqmQ8GfmPYWQgQ+i233k0SgVzYJhemdr1KmsOeGu5EC81V1trrRo4JDdY=
X-Received: by 2002:a63:4c48:: with SMTP id m8mr21027943pgl.290.1597040278637; Sun, 09 Aug 2020 23:17:58 -0700 (PDT)
MIME-Version: 1.0
References: <0DEE1AC7-2EA7-420F-B0B5-6F96A3D04D1C@forgerock.com>
In-Reply-To: <0DEE1AC7-2EA7-420F-B0B5-6F96A3D04D1C@forgerock.com>
From: Dave Tonge <dave.tonge@momentumft.co.uk>
Date: Mon, 10 Aug 2020 08:17:47 +0200
Message-ID: <CAP-T6TQFDht6n2=zt7cujQfouEmeOA02e0-sLF_vR96JSFhGaA@mail.gmail.com>
To: Neil Madden <neil.madden@forgerock.com>
Cc: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000080317205ac7fea44"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/3lIrVbgJRYAHIkS4IgGKWVdpx-c>
Subject: Re: [OAUTH-WG] ECDH-1PU encryption algorithm
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2020 06:18:01 -0000
Hi Neil I'd be interested in seeing this draft discussed. Dave On Wed, 5 Aug 2020 at 12:02, Neil Madden <neil.madden@forgerock.com> wrote: > Hi all, > > You may remember me from such I-Ds as > https://tools.ietf.org/html/draft-madden-jose-ecdh-1pu-03, which proposes > adding a new encryption algorithm to JOSE. I’d like to reserve a bit of > time to discuss it at one of the upcoming interim meetings. > > The basic idea is that in many cases in OAuth and OIDC you want to ensure > both confidentiality and authenticity of some token - for example when > transferring an ID token containing PII to the client through the front > channel, or for access tokens intended to be handled by a specific RS > without online token introspection (such as the JWT access token draft). If > you have a shared secret key between the AS and the client/RS then you can > use symmetric authenticated encryption (alg=dir or alg=A128KW etc). But if > you need to use public key cryptography then currently you are limited to a > nested signed-then-encrypted JOSE structure, which produces much larger > token sizes. > > The draft adds a new “public key authenticated encryption” mode based on > ECDH in the NIST standard “one-pass unified” model. The primary advantage > for OAuth usage is that the tokens produced are more compact compared to > signing+encryption (~30% smaller for typical access/ID token sizes in > compact serialization). Performance-wise, it’s roughly equivalent. I know > that size concerns are often a limiting factor in choosing whether to > encrypt tokens, so this should help. > > In terms of implementation, it’s essentially just a few extra lines of > code compared to an ECDH-ES implementation. (Some JOSE library APIs might > need an adjustment to accommodate the extra private key needed for > encryption/public key for decryption). > > I’ve received a few emails off-list from people interested in using it for > non-OAuth use-cases such as secure messaging applications. I think these > use-cases can be accommodated without significant changes, so I think the > OAuth WG would be a good venue for advancing this. > > I’d be interested to hear thoughts and discussion on the list prior to any > discussion at an interim meeting. > > — Neil > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > -- Dave Tonge CTO [image: Moneyhub Enterprise] <http://www.google.com/url?q=http%3A%2F%2Fmoneyhubenterprise.com%2F&sa=D&sntz=1&usg=AFQjCNGUnR5opJv5S1uZOVg8aISwPKAv3A> Moneyhub Financial Technology, 5th Floor, 10 Temple Back, Bristol, BS1 6FL t: +44 (0)117 280 5120 Moneyhub Enterprise is a trading style of Moneyhub Financial Technology Limited which is authorised and regulated by the Financial Conduct Authority ("FCA"). Moneyhub Financial Technology is entered on the Financial Services Register (FRN 809360) at fca.org.uk/register. Moneyhub Financial Technology is registered in England & Wales, company registration number 06909772 . Moneyhub Financial Technology Limited 2018 © DISCLAIMER: This email (including any attachments) is subject to copyright, and the information in it is confidential. Use of this email or of any information in it other than by the addressee is unauthorised and unlawful. Whilst reasonable efforts are made to ensure that any attachments are virus-free, it is the recipient's sole responsibility to scan all attachments for viruses. All calls and emails to and from this company may be monitored and recorded for legitimate purposes relating to this company's business. Any opinions expressed in this email (or in any attachments) are those of the author and do not necessarily represent the opinions of Moneyhub Financial Technology Limited or of any other group company. -- Moneyhub Enterprise is a trading style of Moneyhub Financial Technology Limited which is authorised and regulated by the Financial Conduct Authority ("FCA"). Moneyhub Financial Technology is entered on the Financial Services Register (FRN 809360) at https://register.fca.org.uk/ <https://register.fca.org.uk/>. Moneyhub Financial Technology is registered in England & Wales, company registration number 06909772. Moneyhub Financial Technology Limited 2020 © Moneyhub Enterprise, Regus Building, Temple Quay, 1 Friary, Bristol, BS1 6EA. DISCLAIMER: This email (including any attachments) is subject to copyright, and the information in it is confidential. Use of this email or of any information in it other than by the addressee is unauthorised and unlawful. Whilst reasonable efforts are made to ensure that any attachments are virus-free, it is the recipient's sole responsibility to scan all attachments for viruses. All calls and emails to and from this company may be monitored and recorded for legitimate purposes relating to this company's business. Any opinions expressed in this email (or in any attachments) are those of the author and do not necessarily represent the opinions of Moneyhub Financial Technology Limited or of any other group company.
- [OAUTH-WG] ECDH-1PU encryption algorithm Neil Madden
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Vladimir Dzhuvinov
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Dave Tonge
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Neil Madden
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Filip Skokan
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Dick Hardt
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Mike Jones
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Vladimir Dzhuvinov
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Matthew A. Miller
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Neil Madden
- Re: [OAUTH-WG] ECDH-1PU encryption algorithm Thibault Normand