> On Nov 1, 2022, at 6:40 AM, Carsten Bormann <[email protected]> wrote: > > On 2022-11-01, at 11:29, Hannes Tschofenig <[email protected]> wrote: >> >> when you say “separating AEAD from unauthenticated encryption” are you >> referring to separating the storage of the tag from the encrypted ciphertext? > > I actually meant separating it in the way COSE_Mac and COSE_Sign are > separated in COSE, based on Sophie’s observation that separating Macs and > Signatures provides some protection for these. I was not sure, however, that > this new separation would actually be useful. > Just an idea.
I'm trying to see how the recipient would find this helpful. It is just another value that would need to be adjusted by the attacker to mount the attacks that Sophie is sharing. Russ _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
