Hi Øyvind,

There is no specific spec for this but here is what I would do.

If you want to store a symmetric key (call it a CEK) that is encrypted
with a symmetric key (call it a KEK) I would use this structure:

      [ / recipients array /
           h'', / protected field /
           {    / unprotected field /
              1: -3,            / alg=A128KW /
              4: h'6B69642D31'  / key id /
           },
           / CEK encrypted with KEK /
           h'AF09622B4F40F17930129D18D0CEA46F159C49E7F68B644D'
        ]

You could potentially tag it.

Alternatively, with a bit more overhead you could do the following:
(ABC is a placeholder for some tag)

ABC(
    [
        / protected field /
        h'',
        / unprotected field /
        {},
        null,
        [ / recipients array /
           h'', / protected field /
           {    / unprotected field /
              1: -3,            / alg=A128KW /
              4: h'6B69642D31'  / key id /
           },
           / CEK encrypted with KEK /
           h'AF09622B4F40F17930129D18D0CEA46F159C49E7F68B644D'
        ]
    ]
)

Ciao

Hannes



On 20.02.2023 at 13:40, Rønningstad, Øyvind wrote:

Hi, I was looking at the spec, trying to find the best way to
represent an encrypted key with COSE. So, let’s say I want to store or
transmit a symmetric key in a COSE_Key structure, but I want the key
to be encrypted. In a way, I want key wrapping without the payload.

I could always wrap my COSE_Key in a COSE_Encrypt or COSE_Encrypt0,
but that also encrypts the metadata, which makes it more inconvenient
to scan a collection of keys to find the correct one to use. Ideally,
I’d like to wrap just the Key Value (“k”, with label -1) from the
COSE_Key in a COSE_Encrypt0 in-place, but the spec doesn’t seem to
give room for that: “k: This contains the value of the key.”

Can I instead use a COSE_recipient or a COSE_Encrypt(0) structure in
place of the COSE_Key, and place the different COSE_Key parameters
(except k) into the protected header or unprotected header? How should
I structure it if so?

What is the recommendation from the COSE WG? Did I miss something in
the spec about this?

Best Regards, Øyvind Rønningstad


_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose