Hi all, In a discussion with Russ the following issue surfaced.
https://datatracker.ietf.org/doc/html/draft-ietf-cose-hpke-02 specifies a one-layer and a two-layer structure. The two-layer structure a sender to transmit ciphertext to multiple recipients while only encrypting the plaintext once with a content encryption key (CEK). Layer 0 contains the plaintext encrypted with the CEK. Layer 1 contains the encrypted CEK, which is a random value of suitable length encrypted using HPKE. The question is: Should we utilize AES-KW to wrap the CEK' by using HPKE to produce the Key Encryption Key? Ciao Hannes IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
