The question was more to the group whether someone could see a benefit or a use case.
-----Original Message----- From: COSE <[email protected]> On Behalf Of Ilari Liusvaara Sent: Monday, August 22, 2022 1:14 PM To: [email protected] Subject: Re: [COSE] COSE HPKE and the use of AES-KW On Mon, Aug 22, 2022 at 10:25:20AM +0000, Hannes Tschofenig wrote: > Hi all, > > In a discussion with Russ the following issue surfaced. > > https://datatracker.ietf.org/doc/html/draft-ietf-cose-hpke-02 > specifies a one-layer and a two-layer structure. The two-layer > structure a sender to transmit ciphertext to multiple recipients while > only encrypting the plaintext once with a content encryption key > (CEK). > > Layer 0 contains the plaintext encrypted with the CEK. > > Layer 1 contains the encrypted CEK, which is a random value of > suitable length encrypted using HPKE. > > The question is: Should we utilize AES-KW to wrap the CEK' by using > HPKE to produce the Key Encryption Key? You mean using HPKE exporter mode to produce KEK, which then encrypts the CEK using AES-KW? Or something else? And what would the usecase be? Using AES-192 or CCM mode? All the other COSE bulk encryptions seem to be in HPKE. And if this is about using HPKE exporter for KEK, I am not seeing any nice way to map it to two-layer structure. -Ilari _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
