Hi List,

I'm currently working with a project using both JOSE and COSE crypto. It was a bit surprising to find that they not only use different structures, but different algorithms as well.
The RFC made me even more confused since it on https://datatracker.ietf.org/doc/html/rfc8152#section-12.5.1 talks about a "Concat KDF" which is not mentioned anywhere else:

+-----------+-------+---------+------------+--------+---------------+
| Name      | Value | KDF     | Ephemeral- | Key    | Description   |
|           |       |         | Static     | Wrap   |               |
+-----------+-------+---------+------------+--------+---------------+
| ECDH-ES + | -29   | HKDF -  | yes        | A128KW | ECDH ES w/    |
| A128KW    |       | SHA-256 |            |        | Concat KDF    |
|           |       |         |            |        | and AES Key   |
|           |       |         |            |        | Wrap w/       |
|           |       |         |            |        | 128-bit key   |

That is, "ECDH-ES+A128KW" is not identical to the JOSE algorithm with the same name. The COSE version does NOT use the Concat KDF, right? Why is it mentioned?

Looking at Jim's COSE sample code makes it more clear, he names it ECDH_ES_HKDF_256_AES_KW_128(-29, 0, 0) (https://github.com/cose-wg/COSE-JAVA/blob/master/src/main/java/COSE/AlgorithmID.java#L52), which seems more logical.

Question: would it be worthwhile to in some way address this in https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs/ ?

For my own project I intend to let JOSE/COSE use the same and thus extended set of algorithms. Would it be possible upgrading the IANA registries or will I have to use proprietary identifiers?

Thanx,
Anders
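Added example, not part of the original message and not code from COSE-JAVA: a Python sketch of the two derivations behind the shared name "ECDH-ES+A128KW", showing that the JOSE Concat KDF (RFC 7518 section 4.6) and the COSE HKDF-SHA-256 step (RFC 8152 section 11) turn the same ECDH secret into different 128-bit key-wrap keys. The shared secret, the empty party info and the hand-encoded COSE_KDF_Context are constructed sample values, and derive_keks is a hypothetical helper name.

```python
import hashlib
import hmac
import struct

def concat_kdf(z, other_info, length):
    """Single-step Concat KDF (NIST SP 800-56A) with SHA-256, the KDF JOSE uses."""
    out, counter = b"", 1
    while len(out) < length:
        out += hashlib.sha256(struct.pack(">I", counter) + z + other_info).digest()
        counter += 1
    return out[:length]

def hkdf_sha256(ikm, salt, info, length):
    """HKDF (RFC 5869) with SHA-256, the KDF named in the COSE table for -29."""
    # Extract: an absent salt is treated as HashLen zero octets.
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, i = b"", b"", 1
    while len(okm) < length:  # Expand
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        okm += block
        i += 1
    return okm[:length]

def _lp(data):
    """Prefix data with its length as a 32-bit big-endian integer."""
    return struct.pack(">I", len(data)) + data

def jose_other_info(alg, apu, apv, key_bits):
    # AlgorithmID || PartyUInfo || PartyVInfo || SuppPubInfo (RFC 7518 section 4.6.2)
    return _lp(alg.encode("ascii")) + _lp(apu) + _lp(apv) + struct.pack(">I", key_bits)

# Constructed COSE_KDF_Context, CBOR-encoded by hand (assumption: no party
# identities, protected header is {1: -29}):
#   [ -3 (A128KW), [nil, nil, nil], [nil, nil, nil], [128, h'a101381c'] ]
COSE_KDF_CONTEXT = bytes.fromhex("84" "22" "83f6f6f6" "83f6f6f6" "82" "1880" "44a101381c")

def derive_keks(z):
    """Return (JOSE KEK, COSE KEK) derived from the same ECDH shared secret z."""
    jose = concat_kdf(z, jose_other_info("ECDH-ES+A128KW", b"", b"", 128), 16)
    cose = hkdf_sha256(z, b"", COSE_KDF_CONTEXT, 16)
    return jose, cose

if __name__ == "__main__":
    shared_secret = bytes(range(32))  # constructed stand-in for the ECDH output
    jose_kek, cose_kek = derive_keks(shared_secret)
    print("JOSE Concat KDF KEK :", jose_kek.hex())
    print("COSE HKDF-SHA-256 KEK:", cose_kek.hex())
```

A key wrapped under one of these KEKs cannot be unwrapped with the other, which is why the two "ECDH-ES+A128KW" entries are not interchangeable.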
