Carsten, when you say “separating AEAD from unauthenticated encryption” are you referring to separating the storage of the tag from the encrypted ciphertext?
Ciao Hannes From: COSE <[email protected]> On Behalf Of Sophie Schmieg Sent: Monday, October 31, 2022 11:18 PM To: Carsten Bormann <[email protected]> Cc: Arciszewski, Scott <[email protected]>; Zundel, Brent <[email protected]>; [email protected] Subject: Re: [COSE] COSE Support for AES-CTR and AES-CBC Yes, I think that should be another way of fixing this issue. On Mon, Oct 31, 2022 at 2:02 PM Carsten Bormann <[email protected]<mailto:[email protected]>> wrote: On 27. Oct 2022, at 20:12, Sophie Schmieg <[email protected]<mailto:[email protected]>> wrote: > > In COSE, this weakness is currently mitigated due to the limited selection of > algorithms and the strict separation of digital signatures and MACs. So, would separating AEAD from unauthenticated encryption help? Grüße, Carsten -- Sophie Schmieg | Information Security Engineer | ISE Crypto | [email protected]<mailto:[email protected]> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
