Yes, I think that should be another way of fixing this issue. On Mon, Oct 31, 2022 at 2:02 PM Carsten Bormann <[email protected]> wrote:
> On 27. Oct 2022, at 20:12, Sophie Schmieg <sschmieg= > [email protected]> wrote: > > > > In COSE, this weakness is currently mitigated due to the limited > selection of algorithms and the strict separation of digital signatures and > MACs. > > So, would separating AEAD from unauthenticated encryption help? > > Grüße, Carsten > > -- Sophie Schmieg | Information Security Engineer | ISE Crypto | [email protected]
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
