From brr@kamstrup.com Thu Nov 9 03:43:30 2017 Return-Path: X-Original-To: cose@ietfa.amsl.com Delivered-To: cose@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5B4D12717E for ; Thu, 9 Nov 2017 03:43:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.888 X-Spam-Level: X-Spam-Status: No, score=-1.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W2z7jUL1cEUD for ; Thu, 9 Nov 2017 03:43:29 -0800 (PST) Received: from mail.kamstrup.com (mail.kamstrup.com [93.167.225.188]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0954A12FEE2 for ; Thu, 9 Nov 2017 03:43:29 -0800 (PST) Received: from EXCHANGE2010.kamstrup.dk ([::1]) by Exchange2010.kamstrup.dk ([::1]) with mapi id 14.03.0169.001; Thu, 9 Nov 2017 12:43:26 +0100 From: Brian Rasmussen To: "cose@ietf.org" Thread-Topic: Question regarding RFC 8152 Thread-Index: AdNZTi9XG9lxywdGR0Gr/qawmsCZzw== Date: Thu, 9 Nov 2017 11:43:26 +0000 Message-ID: Accept-Language: da-DK, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [172.20.21.78] Content-Type: multipart/alternative; boundary="_000_FDF363AE41B29144B37CCBD910480B23016635F014Exchange2010k_" MIME-Version: 1.0 Archived-At: X-Mailman-Approved-At: Sun, 12 Nov 2017 05:01:08 -0800 Subject: [COSE] Question regarding RFC 8152 X-BeenThere: cose@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: CBOR Object Signing and Encryption List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Nov 2017 11:45:03 -0000 --_000_FDF363AE41B29144B37CCBD910480B23016635F014Exchange2010k_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi I have a specific question regarding the COSE defined AES CCM (chapter 10.2= of RFC 8152) mode. The definition of CCM mode is referenced in RFC3610, bu= t RFC3610 only defines 128-bit block ciphers. In Table 10 in chapter 10.2 o= f RFC8152 there are specified AES CCM algorithms, that uses 256-bit block c= iphers like the AES-CCM-16-64-256 algorithm. Where is the CCM mode for 256-= bit block ciphers defined? Any advice would be helpful. Thanks in advance for your answer. Venlig hilsen / Best regards [Kamstrup A/S] Brian Rasmussen Teamlead Embedded SW Technology Kamstrup A/S Industrivej 28 DK-8660 Skanderborg T: +45 89 93 10 00 D: +45 89 93 16 17 brr@kamstrup.com kamstrup.com --_000_FDF363AE41B29144B37CCBD910480B23016635F014Exchange2010k_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

I have a specific question regarding the COSE d= efined AES CCM (chapter 10.2 of RFC 8152) mode. The definition of CCM mode = is referenced in RFC3610, but RFC3610 only defines 128-bit block ciphers. In Table 10 in chapter 10.2 of RFC8152 there are sp= ecified AES CCM algorithms, that uses 256-bit block ciphers like the AES-CC= M-16-64-256 algorithm. Where is the CCM mode for 256-bit block ciphers defi= ned?

Any advice would be helpful. Thanks in advance = for your answer.

Venlig hils= en / Best regards

Brian R= asmussen
Teamlea= d Embedded SW
Techno= logy

Kamstrup A/= S
Industrivej= 28
DK-8660 Ska= nderborg
T: +45 = 89 93 10 00
D: +45 89 93 16 17

brr@kamstrup.com
kamstrup= .com

--_000_FDF363AE41B29144B37CCBD910480B23016635F014Exchange2010k_-- From nobody Sun Nov 12 05:28:47 2017 Return-Path: X-Original-To: cose@ietfa.amsl.com Delivered-To: cose@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC124120725 for ; Sun, 12 Nov 2017 05:28:45 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.979 X-Spam-Level: X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, T_REMOTE_IMAGE=0.01, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RIdrk4SwQxjc for ; Sun, 12 Nov 2017 05:28:44 -0800 (PST) Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C0C81200F1 for ; Sun, 12 Nov 2017 05:28:44 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 13F81E2055; Sun, 12 Nov 2017 08:28:13 -0500 (EST) Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 05376-03; Sun, 12 Nov 2017 08:27:40 -0500 (EST) Received: from [192.168.248.155] (IHTFP-DHCP-155.IHTFP.ORG [192.168.248.155]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mail2.ihtfp.org (Postfix) with ESMTPSA id 4DF00E2047; Sun, 12 Nov 2017 08:27:39 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1510493259; bh=Ug2vEloBAlWEH9UJ1yYeRxmHoHmxEEfluVpdH3C2ei8=; h=From:To:Date:In-Reply-To:References:Subject; b=Z+9bwTxn5HPrZ03SOJFxcq+/gppfb0ylL8JXNj9k54LY1ylZ3m9SGqtHdpVuUJFu3 zZtTscblTbJ24XlpYyQb2NjsO6J/J7lUX5J9dxt9ly2hSnz+TwSKOPhuakS0CUjUXy s6sVF+yeatAdjcpJEL4oPxJFM4Vg6kjd//8MR+04= From: Derek Atkins To: Brian Rasmussen , Date: Sun, 12 Nov 2017 08:27:37 -0500 Message-ID: <15fb069fd28.27ea.ee0929d4f8247208f860e07266211506@ihtfp.com> In-Reply-To: References: User-Agent: AquaMail/1.12.0-651 (build: 101200001) MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----------15fb069ffd57d6c27ea40561ae" X-Virus-Scanned: Maia Mailguard 1.0.2a Archived-At: Subject: Re: [COSE] Question regarding RFC 8152 X-BeenThere: cose@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: CBOR Object Signing and Encryption List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Nov 2017 13:28:46 -0000 This is a multi-part message in MIME format. ------------15fb069ffd57d6c27ea40561ae Content-Type: text/plain; format=flowed; charset="us-ascii" Content-Transfer-Encoding: 8bit You are confusing block size and key size All instances of AES are 128-bit block size, regardless of key size. -derek Sent using my mobile device. Please excuse any typos. On November 12, 2017 8:01:49 AM Brian Rasmussen wrote: > Hi > > I have a specific question regarding the COSE defined AES CCM (chapter 10.2 > of RFC 8152) mode. The definition of CCM mode is referenced in RFC3610, but > RFC3610 only defines 128-bit block ciphers. In Table 10 in chapter 10.2 of > RFC8152 there are specified AES CCM algorithms, that uses 256-bit block > ciphers like the AES-CCM-16-64-256 algorithm. Where is the CCM mode for > 256-bit block ciphers defined? > > Any advice would be helpful. Thanks in advance for your answer. > > Venlig hilsen / Best regards > [Kamstrup A/S] > Brian Rasmussen > Teamlead Embedded SW > Technology > > Kamstrup A/S > Industrivej 28 > DK-8660 Skanderborg > T: +45 89 93 10 00 > D: +45 89 93 16 17 > > brr@kamstrup.com > kamstrup.com > > > > ---------- > _______________________________________________ > COSE mailing list > COSE@ietf.org > https://www.ietf.org/mailman/listinfo/cose > ------------15fb069ffd57d6c27ea40561ae Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: 8bit

You are confusing block size and key size
All instances of AES are 128-bit block size, regardless of key size.

-derek
Sent using my mobile device. Please excuse any typos.

On November 12, 2017 8:01:49 AM Brian Rasmussen <brr@kamstrup.com> wrote:

Hi

I have a specific question regarding the COSE defined AES CCM (chapter 10.2 of RFC 8152) mode. The definition of CCM mode is referenced in RFC3610, but RFC3610 only defines 128-bit block ciphers. In Table 10 in chapter 10.2 of RFC8152 there are specified AES CCM algorithms, that uses 256-bit block ciphers like the AES-CCM-16-64-256 algorithm. Where is the CCM mode for 256-bit block ciphers defined?

Any advice would be helpful. Thanks in advance for your answer.

Venlig hilsen / Best regards

Brian Rasmussen
Teamlead Embedded SW
Technology

Kamstrup A/S
Industrivej 28
DK-8660 Skanderborg
T: +45 89 93 10 00
D: +45 89 93 16 17

brr@kamstrup.com
kamstrup.com

_______________________________________________
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

------------15fb069ffd57d6c27ea40561ae-- From nobody Wed Nov 22 13:59:14 2017 Return-Path: X-Original-To: cose@ietfa.amsl.com Delivered-To: cose@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57B7F126BF7 for ; Wed, 22 Nov 2017 13:59:13 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.3 X-Spam-Level: X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=qti.qualcomm.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FMIQzgHoouqC for ; Wed, 22 Nov 2017 13:59:12 -0800 (PST) Received: from alexa-out.qualcomm.com (alexa-out.qualcomm.com [129.46.98.28]) (using TLSv1.2 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26438126BF6 for ; Wed, 22 Nov 2017 13:59:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qti.qualcomm.com; i=@qti.qualcomm.com; q=dns/txt; s=qcdkim; t=1511387952; x=1542923952; h=from:to:subject:date:message-id:mime-version; bh=L0lxbGt2GBo9PxEn7+pBYR1FBfjgMxrYgnnoJCz5jW4=; b=ZQMSnIyIBC6HLICt80y28OF7Lr4kf83h92KDp6epG/NJzStgKGO4Oaoe uf6DCVD3fBbYvexK9Nq8l+eBRdz5cC3ZZCv9L7AORoGPtFD/aVD/UGJFS umXU7rlStXJJxfU2Rx1UAp1NKLLquJM/weOC6342f37kM7IAV3FYYb1lU s=; Received: from ironmsg02-l-new.qualcomm.com (HELO ironmsg02-L.qualcomm.com) ([10.53.140.109]) by alexa-out.qualcomm.com with ESMTP; 22 Nov 2017 13:59:11 -0800 X-IronPort-AV: E=McAfee;i="5900,7806,8723"; a="1043066112" X-MGA-submission: =?us-ascii?q?MDFVyhRBcb6gCao2FDso1cWL7/6QY/nYgyY34r?= =?us-ascii?q?0qFKgiDnrtnzYBL6xS/et2igBZfYqSo+w/ryiiiHrWdXZqWnPaR8G5wV?= =?us-ascii?q?VbyUuagMZsDc2CivyAvCXgaRMT0+OHpwTX11H3ft6F27dWnWcS2T4xDX?= =?us-ascii?q?pK?= Received: from nasanexm01f.na.qualcomm.com ([10.85.0.32]) by ironmsg02-L.qualcomm.com with ESMTP/TLS/AES256-SHA; 22 Nov 2017 13:59:11 -0800 Received: from NASANEXM01B.na.qualcomm.com (10.85.0.82) by NASANEXM01F.na.qualcomm.com (10.85.0.32) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Wed, 22 Nov 2017 13:59:10 -0800 Received: from NASANEXM01B.na.qualcomm.com ([10.85.0.82]) by NASANEXM01B.na.qualcomm.com ([10.85.0.82]) with mapi id 15.00.1293.002; Wed, 22 Nov 2017 13:59:10 -0800 From: Laurence Lundblade To: cose Thread-Topic: ECIES key transport? Thread-Index: AQHTY90f+OPqWBLJQkCujrjq/7cFNw== Date: Wed, 22 Nov 2017 21:59:09 +0000 Message-ID: <6BF52439-20D0-4C47-B3B5-DDC73CF1F790@qti.qualcomm.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: Apple Mail (2.3273) x-ms-exchange-messagesentrepresentingtype: 1 x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [199.106.107.6] Content-Type: multipart/alternative; boundary="_000_6BF5243920D04C47B3B5DDC73CF1F790qtiqualcommcom_" MIME-Version: 1.0 Archived-At: Subject: [COSE] ECIES key transport? X-BeenThere: cose@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: CBOR Object Signing and Encryption List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Nov 2017 21:59:13 -0000 --_000_6BF5243920D04C47B3B5DDC73CF1F790qtiqualcommcom_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Has anyone done any work on ECIES key transport for COSE? LL --_000_6BF5243920D04C47B3B5DDC73CF1F790qtiqualcommcom_ Content-Type: text/html; charset="us-ascii" Content-ID: <4C4432A7CD183C44A646F269117E8C6F@qualcomm.com> Content-Transfer-Encoding: quoted-printable Has anyone done any work on ECIES key transport for COSE?

--_000_6BF5243920D04C47B3B5DDC73CF1F790qtiqualcommcom_-- From nobody Wed Nov 22 22:13:55 2017 Return-Path: X-Original-To: cose@ietfa.amsl.com Delivered-To: cose@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24E6E129C40 for ; Wed, 22 Nov 2017 22:13:55 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bTNJVTIkNypT for ; Wed, 22 Nov 2017 22:13:53 -0800 (PST) Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A93521205F1 for ; Wed, 22 Nov 2017 22:13:53 -0800 (PST) Content-Type: multipart/alternative; boundary="----=_NextPart_000_027E_01D363DF.2B08A500" Content-Language: en-us DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1511417631; h=from:subject:to:date:message-id; bh=/bT0LCGWQJLXYok4msJWurKIh6dREZmqUWN4qVw8xJ0=; b=f6vXON01k9rO6zGnFBw8oFEI/brIVWQNrqeadATk2G5HAfv9fIaW+tPpPd6ki0PbvM6w1Xmu0jB Ou5Q4eGtMTwxccxegKnvaE9a2+Keci0GroAqC5KEU9x0DXFRM74IOGjCI/ZtDhBf9tZn6uIM1Xd5o TCRsz0Q6Moo6SmFQaIo6/0CvdYc6HOjwvyqrQsRIDL8BUI9nbZsdUe2PsbcmPrRPiGB/0W/SIpAKP gtssdSWh+TjclgnHrpdLeN0Eubcp5k9OcLmi8ZdI0SlfaxiURUpSH6fFGXDBUCskpaQUjCjgaAvdz 8Jge7lFPywRPovtPiS2R9M8z8ZiiLKlcawjA== Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Wed, 22 Nov 2017 22:13:51 -0800 Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Wed, 22 Nov 2017 22:12:40 -0800 From: Jim Schaad To: 'Laurence Lundblade' , 'cose' References: <6BF52439-20D0-4C47-B3B5-DDC73CF1F790@qti.qualcomm.com> In-Reply-To: <6BF52439-20D0-4C47-B3B5-DDC73CF1F790@qti.qualcomm.com> Date: Wed, 22 Nov 2017 22:13:44 -0800 Message-ID: <027d01d36422$392aac80$ab800580$@augustcellars.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQKySN++xmyx9VG1jqit93fMZ+S7kKFjsjGQ X-Originating-IP: [73.180.8.170] Archived-At: Subject: Re: [COSE] ECIES key transport? X-BeenThere: cose@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: CBOR Object Signing and Encryption List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Nov 2017 06:13:55 -0000 ------=_NextPart_000_027E_01D363DF.2B08A500 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit I am not sure what you mean by this, however from the brief description on Wikipedia I think you are looking for the Direct ECDH algorithm w/ the AEAD encryption algorithm (Section 12.4). Jim From: COSE [mailto:cose-bounces@ietf.org] On Behalf Of Laurence Lundblade Sent: Wednesday, November 22, 2017 1:59 PM To: cose Subject: [COSE] ECIES key transport? Has anyone done any work on ECIES key transport for COSE? LL ------=_NextPart_000_027E_01D363DF.2B08A500 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

I am not sure what you mean by this, however from the = brief description on Wikipedia I think you are looking for the Direct = ECDH algorithm w/ the AEAD encryption algorithm (Section = 12.4).

Jim

From: COSE = [mailto:cose-bounces@ietf.org] On Behalf Of Laurence = Lundblade
Sent: Wednesday, November 22, 2017 1:59 = PM
To: cose <cose@ietf.org>
Subject: [COSE] = ECIES key transport?

Has anyone = done any work on ECIES key transport for COSE? =

------=_NextPart_000_027E_01D363DF.2B08A500-- From nobody Thu Nov 23 10:19:36 2017 Return-Path: X-Original-To: cose@ietfa.amsl.com Delivered-To: cose@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B30EB126C26 for ; Thu, 23 Nov 2017 10:19:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.3 X-Spam-Level: X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=qti.qualcomm.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 63o0SwlXgLiX for ; Thu, 23 Nov 2017 10:19:33 -0800 (PST) Received: from alexa-out.qualcomm.com (alexa-out.qualcomm.com [129.46.98.28]) (using TLSv1.2 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BF4F124D6C for ; Thu, 23 Nov 2017 10:19:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qti.qualcomm.com; i=@qti.qualcomm.com; q=dns/txt; s=qcdkim; t=1511461174; x=1542997174; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=lPoc+DtaN/nbaTIGoD+v72fkbk0CPqpotQ/e3OyYj7Q=; b=HThMvE3CFXfzlytV5zYWF1m9CLWEq2OsjEIOLhEbLcVAQDtblKEFg39l /jJhbiR1BQgm5MED5kVJejCTlNAc49podMtOJxdX7wMdtpqbtzCIQUYXM GRf7R4IiONN7S6LZknghuPkSl96Xc2hJztUqugw0G8Y4CdjaUx7eIfwWf 0=; Received: from ironmsg04-r-new.qualcomm.com (HELO Ironmsg04-R.qualcomm.com) ([10.53.140.108]) by alexa-out.qualcomm.com with ESMTP; 23 Nov 2017 10:19:33 -0800 X-IronPort-AV: E=McAfee;i="5900,7806,8724"; a="1539200104" X-MGA-submission: =?us-ascii?q?MDGt339Epp82Gg/BWW5gc+DqM7bmgr6x2Afx0A?= =?us-ascii?q?aAzCiF/pI8jz94lxa+BB6EVZ7zThp1CZSx8JoJNgk5z5/glA340CksQx?= =?us-ascii?q?TdZtdCI1qAUxBovY1Ohl62ZkHdxMmR3NCwGfBewOwGNLAIpm57WwVIMG?= =?us-ascii?q?X8?= Received: from nasanexm01b.na.qualcomm.com ([10.85.0.82]) by Ironmsg04-R.qualcomm.com with ESMTP/TLS/AES256-SHA; 23 Nov 2017 10:19:32 -0800 Received: from NASANEXM01B.na.qualcomm.com (10.85.0.82) by NASANEXM01B.na.qualcomm.com (10.85.0.82) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Thu, 23 Nov 2017 10:19:32 -0800 Received: from NASANEXM01B.na.qualcomm.com ([10.85.0.82]) by NASANEXM01B.na.qualcomm.com ([10.85.0.82]) with mapi id 15.00.1293.002; Thu, 23 Nov 2017 10:19:32 -0800 From: Laurence Lundblade To: Jim Schaad , 'cose' Thread-Topic: [COSE] ECIES key transport? Thread-Index: AQHTZCJAnFdfiLedsUG6uBR3oZSdpKMiQFc8 Date: Thu, 23 Nov 2017 18:19:31 +0000 Message-ID: <1511461171881.64975@qti.qualcomm.com> References: <6BF52439-20D0-4C47-B3B5-DDC73CF1F790@qti.qualcomm.com>, <027d01d36422$392aac80$ab800580$@augustcellars.com> In-Reply-To: <027d01d36422$392aac80$ab800580$@augustcellars.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [199.106.107.6] Content-Type: multipart/alternative; boundary="_000_151146117188164975qtiqualcommcom_" MIME-Version: 1.0 Archived-At: Subject: Re: [COSE] ECIES key transport? X-BeenThere: cose@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: CBOR Object Signing and Encryption List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Nov 2017 18:19:35 -0000 --_000_151146117188164975qtiqualcommcom_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I'm looking for a scheme that uses elliptic curves where the sender encrypt= s and the receiver decrypts. The receiver has given the sender some key mat= erial out of band in a one-time exchange that is secured by some other mean= s. The sender can't decrypt with the key material given by the receiver. I understand how to do this with RSA and CMS -- RSA OEAP to wrap an AES CE= K, but not yet how to do it with EC and COSE. The integration of both integrity protection and data enveloping is nice, b= ut it's mostly the data protection I'm after. I did look at 12.4, but ephemeral-static nor static-static seem right. 12.5= seems closer. Thanks! LL ________________________________ From: COSE on behalf of Jim Schaad Sent: Wednesday, November 22, 2017 10:13 PM To: Laurence Lundblade; 'cose' Subject: Re: [COSE] ECIES key transport? I am not sure what you mean by this, however from the brief description on = Wikipedia I think you are looking for the Direct ECDH algorithm w/ the AEAD= encryption algorithm (Section 12.4). Jim From: COSE [mailto:cose-bounces@ietf.org] On Behalf Of Laurence Lundblade Sent: Wednesday, November 22, 2017 1:59 PM To: cose Subject: [COSE] ECIES key transport? Has anyone done any work on ECIES key transport for COSE? LL --_000_151146117188164975qtiqualcommcom_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

I'm looking for a scheme that uses elliptic curves where the sender= encrypts and the receiver decrypts. The receiver has given the sender some= key material out of band in a one-time exchange that is secured by some ot= her means. The sender can't decrypt with the key material given by the receiver.

I understand how to do this with RSA and CMS -- RSA = ;OEAP to wrap an AES CEK, but not yet how to do it with EC and COSE. <= br>

The integration of both integrity protection and data enveloping is nice= , but it's mostly the data protection I'm after.

I did look at 12.4, but ephemeral-static nor static-static seem right. 1= 2.5 seems closer.

Thanks!

From: COSE <cose-bounces= @ietf.org> on behalf of Jim Schaad <ietf@augustcellars.com>
Sent: Wednesday, November 22, 2017 10:13 PM
To: Laurence Lundblade; 'cose'
Subject: Re: [COSE] ECIES key transport?

I am not sure what you mean by this, however from th= e brief description on Wikipedia I think you are looking for the Direct ECD= H algorithm w/ the AEAD encryption algorithm (Section 12.4).

Jim

From: COSE [mailto:cose-bounces@ietf.org] = On Behalf Of Laurence Lundblade
Sent: Wednesday, November 22, 2017 1:59 PM
To: cose <cose@ietf.org>
Subject: [COSE] ECIES key transport?

Has anyone done any work on ECIES key transport for COSE?

--_000_151146117188164975qtiqualcommcom_-- From nobody Thu Nov 23 11:43:04 2017 Return-Path: X-Original-To: cose@ietfa.amsl.com Delivered-To: cose@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75722127871 for ; Thu, 23 Nov 2017 11:43:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JdiuW_SNDl-a for ; Thu, 23 Nov 2017 11:42:59 -0800 (PST) Received: from welho-filter1.welho.com (welho-filter1.welho.com [83.102.41.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72C59127005 for ; Thu, 23 Nov 2017 11:42:59 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by welho-filter1.welho.com (Postfix) with ESMTP id 9FA955372D; Thu, 23 Nov 2017 21:42:57 +0200 (EET) X-Virus-Scanned: Debian amavisd-new at pp.htv.fi Received: from welho-smtp3.welho.com ([IPv6:::ffff:83.102.41.86]) by localhost (welho-filter1.welho.com [::ffff:83.102.41.23]) (amavisd-new, port 10024) with ESMTP id VmB2bBj0zobe; Thu, 23 Nov 2017 21:42:57 +0200 (EET) Received: from LK-Perkele-VII (87-92-19-27.bb.dnainternet.fi [87.92.19.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp3.welho.com (Postfix) with ESMTPSA id 4DB372313; Thu, 23 Nov 2017 21:42:55 +0200 (EET) Date: Thu, 23 Nov 2017 21:42:55 +0200 From: Ilari Liusvaara To: Laurence Lundblade Cc: 'cose' Message-ID: <20171123194255.GA28646@LK-Perkele-VII> References: <6BF52439-20D0-4C47-B3B5-DDC73CF1F790@qti.qualcomm.com> <027d01d36422$392aac80$ab800580$@augustcellars.com> <1511461171881.64975@qti.qualcomm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <1511461171881.64975@qti.qualcomm.com> User-Agent: Mutt/1.9.1 (2017-09-22) Sender: ilariliusvaara@welho.com Archived-At: Subject: Re: [COSE] ECIES key transport? X-BeenThere: cose@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: CBOR Object Signing and Encryption List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Nov 2017 19:43:01 -0000 On Thu, Nov 23, 2017 at 06:19:31PM +0000, Laurence Lundblade wrote: > I'm looking for a scheme that uses elliptic curves where the sender encrypts and the receiver decrypts. The receiver has given the sender some key material out of band in a one-time exchange that is secured by some other means. The sender can't decrypt with the key material given by the receiver. > > I understand how to do this with RSA and CMS -- RSA OEAP to wrap an AES CEK, but not yet how to do it with EC and COSE. > > The integration of both integrity protection and data enveloping is nice, but it's mostly the data protection I'm after. > > I did look at 12.4, but ephemeral-static nor static-static seem right. 12.5 seems closer. Something like this might do (enveloped structure, as simple encrypted does not seem to suffice): 84 -- Top level array 51 -- Wrapping bstr, 17 bytes. A2 -- Two headers 01 03 -- AES-256-GCM 05 4C -- IV, 12 bytes <12 bytes of random IV> A0 -- Empty unprotected A3 -- Recipients 40 -- Empty protected A3 -- Unprotected 01 38 18 -- ECDH-ES+HKDF-256 20 A3 -- Ephemeral key, 3 fields. 01 01 -- OKP 20 04 -- X25519 21 58 20 -- X25519 public key. <32 bytes pubkey> F6 -- NULL That seems to be 85-93 bytes of overhead (60 of those are crypto) depending on the message size. -Ilari