Re: [OAUTH-WG] JWE with A128CBC-HS256

John Bradley <ve7jtb@ve7jtb.com> Mon, 31 March 2014 12:34 UTC

To: Antonio Sanso <asanso@adobe.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/LgfRcJ5rPCoE-MLX7IhAkrLhhdk
Cc: "oauth@ietf.org" <oauth@ietf.org>, "jose@ietf.org" <jose@ietf.org>

Thanks,  I will have a look.

On Mar 31, 2014, at 3:43 AM, Antonio Sanso <asanso@adobe.com> wrote:

> thanks a lot John,
> 
> On Mar 28, 2014, at 5:09 PM, John Bradley <ve7jtb@ve7jtb.com> wrote:
> 
>> This reference may be useful to you. http://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2
>> 
>> The part of the spec you need is  http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-24#page-23
>> 
>> We originally used a KDF as you mention.  In order to simplify the alg and align with draft-mcgrew-aead-aes-cbc-hmac-sha2.
>> 
>> K is the concatenation of the AES key and the HMAC Key.
> 
> question,  are the examples in the spec already updated to use the new mechanism? 
> There are some obsolete references in the JWE spec. E.g. in [2] says:
> 
> as described where this algorithm is
>    defined in Sections 4.8 and 4.8.3 of JWA,
> 
> These sections seem to point to an old version of the spec (Section 4.8.3 doesn’t even exist anymore in JWA)
> 
> regards
> 
> antonio
> 
> [2] http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-24#appendix-B
> 
>> 
>> John B.
>> 
>> 
>> On Mar 28, 2014, at 11:19 AM, Antonio Sanso <asanso@adobe.com> wrote:
>> 
>>> hi *,
>>> 
>>> in the JWT specification [0] there is an example of a JWE that uses A128CBC-HS256 for content encryption.
>>> Now I am not a cryptographer myself but IIUC the same CEK is used for encrypting with AES and authentication HMAC.
>>> 
>>> AFAIK it is better to use two different keys for those 2 different primitives (this will not obviously apply to AES_GCM).
>>> 
>>> Unless I am missing something... :)
>>> 
>>> regards
>>> 
>>> antonio
>>> 
>>> [0] http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-19#appendix-A.1
>>> [1] http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-24#appendix-A.2
>> 
>
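
The key handling discussed in this thread, as an added example that is not part of the original messages or of the specification text: for A128CBC-HS256 the 32-octet K is split into two independent 16-octet keys (MAC_KEY is the initial half and ENC_KEY the final half, as defined in the JWA AES_CBC_HMAC_SHA2 section), and the tag is HMAC-SHA-256 over AAD || IV || ciphertext || AL truncated to 16 octets. The key, IV and ciphertext below are constructed sample bytes; no AES operation is performed, and the function names are this example's own.

```python
import base64
import hashlib
import hmac
import json
import struct

MAC_KEY_LEN = 16  # HMAC-SHA-256 key length for A128CBC-HS256, in octets
ENC_KEY_LEN = 16  # AES-128 key length, in octets
TAG_LEN = 16      # HMAC output is truncated to 128 bits


def split_cek(cek):
    """Split K into (MAC_KEY, ENC_KEY): initial octets for HMAC, final for AES."""
    if len(cek) != MAC_KEY_LEN + ENC_KEY_LEN:
        raise ValueError("A128CBC-HS256 requires a 32-octet key")
    return cek[:MAC_KEY_LEN], cek[MAC_KEY_LEN:]


def compute_tag(mac_key, aad, iv, ciphertext):
    """T = first TAG_LEN octets of HMAC-SHA-256(MAC_KEY, A || IV || E || AL)."""
    al = struct.pack(">Q", len(aad) * 8)  # AAD length in bits, 64-bit big-endian
    mac = hmac.new(mac_key, aad + iv + ciphertext + al, hashlib.sha256).digest()
    return mac[:TAG_LEN]


def verify_tag(cek, aad, iv, ciphertext, tag):
    """Check the tag in constant time before any decryption is attempted."""
    mac_key, _enc_key = split_cek(cek)
    return hmac.compare_digest(compute_tag(mac_key, aad, iv, ciphertext), tag)


# Constructed sample values (not taken from the spec appendices).
SAMPLE_CEK = bytes(range(32))
SAMPLE_IV = bytes(16)
SAMPLE_CIPHERTEXT = b"\xaa" * 32  # placeholder for AES-CBC output
# In JWE the AAD is the ASCII base64url encoding of the protected header.
SAMPLE_AAD = base64.urlsafe_b64encode(
    json.dumps({"alg": "dir", "enc": "A128CBC-HS256"}).encode()
).rstrip(b"=")

if __name__ == "__main__":
    mac_key, enc_key = split_cek(SAMPLE_CEK)
    tag = compute_tag(mac_key, SAMPLE_AAD, SAMPLE_IV, SAMPLE_CIPHERTEXT)
    print("MAC_KEY:", mac_key.hex())
    print("ENC_KEY:", enc_key.hex())
    print("tag ok:", verify_tag(SAMPLE_CEK, SAMPLE_AAD, SAMPLE_IV, SAMPLE_CIPHERTEXT, tag))
    print("tampered AAD ok:",
          verify_tag(SAMPLE_CEK, SAMPLE_AAD + b"x", SAMPLE_IV, SAMPLE_CIPHERTEXT, tag))
```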