[openpgp] Deterministic generation of (symmetric) public key params from private key params
Daniel Huigens <d.huigens@protonmail.com> Tue, 12 November 2024 11:12 UTC
Return-Path: <d.huigens@protonmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74670C151543 for <openpgp@ietfa.amsl.com>; Tue, 12 Nov 2024 03:12:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=protonmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0tmrky68MFUK for <openpgp@ietfa.amsl.com>; Tue, 12 Nov 2024 03:12:39 -0800 (PST)
Received: from mail-4322.protonmail.ch (mail-4322.protonmail.ch [185.70.43.22]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 62631C14F714 for <openpgp@ietf.org>; Tue, 12 Nov 2024 03:12:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1731409957; x=1731669157; bh=ZOSrn4iP8Ikwue7OfnV9VVDGr1rAsBJ/no8O1hk5RVY=; h=Date:To:From:Subject:Message-ID:Feedback-ID:From:To:Cc:Date: Subject:Reply-To:Feedback-ID:Message-ID:BIMI-Selector: List-Unsubscribe:List-Unsubscribe-Post; b=CyOEAF1ftds27zIVSQGQCl/PT+I5pfBv45p2/WYoas/rh1GhjMTN1MTlDoIUTuurD NmVgDmkpqUYllLXeNlYFnDS+Tc1DLrNCCEvu05JjpC6naA2oQupgzwDuszaivGqd0B AtrNl6MZBY3vZM1l6oyec4UQMvWI7gPr7vk8nDbVXc1IhuWwAcuaPwfdi5EXCs+2up /QgYRvmXTK3JPLm8pQXzD5BkLHD+ousB4daLmtzLvVHO5dVbyGxVI+m4ZpiIu0/rad o2b/MQoQGReiCBWqCHjbeVmp+IjEbNV4uCuQylH/+5ZTt5bqW9+ePcP3jgzCbjDFId c6L9riUhMb9Ww==
Date: Tue, 12 Nov 2024 11:12:32 +0000
To: IETF OpenPGP WG <openpgp@ietf.org>
From: Daniel Huigens <d.huigens@protonmail.com>
Message-ID: <FxKXcgs81L4JQJjqV8sB_941ghtKVj5cjVYx6povy95enL27NdtRWhG5cLgElc9jJXQRqFqbTroNYlSL1agjgDVfRTmKJtKVwJkC0U1PmS8=@protonmail.com>
Feedback-ID: 2934448:user:proton
X-Pm-Message-ID: d5f08693ec7903d1c6b0c41191ee6b0153379d55
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: APAVWXUNUJY7BIHT26PNP6UMJS2WNG3A
X-Message-ID-Hash: APAVWXUNUJY7BIHT26PNP6UMJS2WNG3A
X-MailFrom: d.huigens@protonmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Deterministic generation of (symmetric) public key params from private key params
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/a-yVzabCbhB6VnpqStsI9aFO3Ac>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>
Hi folks, In the meeting last week, Justus noted that folks might want to deterministically generate key pairs from the private key material (presumably by storing some metadata like the key generation time). And, the change in draft-ietf-openpgp-persistent-symmetric-keys-00 complicates this, by no longer storing the hash seed in the private key material. So, you'd have to store some additional algorithm-specific metadata from the public key material, namely the fingerprint seed. Since we didn't have much time for discussion last week, I thought I'd ask the wider WG here whether this is a use case people care about, and whether this workaround would be sufficient? Best, Daniel
- [openpgp] Deterministic generation of (symmetric)… Daniel Huigens
- [openpgp] Re: Deterministic generation of (symmet… Justus Winter
- [openpgp] Re: Deterministic generation of (symmet… Daniel Huigens
- [openpgp] Re: Deterministic generation of (symmet… Simo Sorce
- [openpgp] Re: Deterministic generation of (symmet… Justus Winter
- [openpgp] Re: Deterministic generation of (symmet… Daniel Huigens
- [openpgp] Re: Deterministic generation of (symmet… vedaal
- [openpgp] Re: Deterministic generation of (symmet… Daniel Huigens