From: COSE <[email protected]> On Behalf Of Mason Fischer Sent: Wednesday, September 23, 2020 5:33 AM To: [email protected] Subject: [COSE] Nonces Used in Signing Messages Hello, I’m building a cryptocurrency called Ellipticoin and following the COSE standard for transaction signing. I’m looking for a way to include nonces in edwards25519 Sign1 messages to prevent replay attacks. I could include the nonces in the message body but would prefer to keep the message body application specific. I searched for “nonce” in the RFC but didn’t find anything about nonces used in signature algorithms. Would it make sense to add nonce to "Table 2: Common Header Parameters"? [JLS] No it would not make sense to add nonce to Table 2 as we are trying not to do anything new or novel at this point in time for the new RFC document. However, it would make sense to create a document to add a nonce to “COSE Header Parameters” table on the IANA pages. If not which would be preferred: putting the nonce in the message body or putting it in a non-standard key? [JLS] This is going to be a philosophical discussion rather than there is one way which is better or worse than the other. A major question is going to be where the nonce enforcement is going to be done. Do you do it as part of processing the body or prior to getting to the body processing? Most of the applications that I have worked with put the nonce in the body because it was during the processing of the body that enforcement or use of the nonce value, either for reflection to match quests and responses, or to check if the message has been processed recently. Jim Thanks in advance and thank you all for the work you all do to keep standards open and free! Best, -Mason
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
