On Wed, Nov 15, 2023 at 09:29:34PM +0000, lgl island-resort.com wrote: > > > The reason I say Context Info Structure (definition pasted below) > anticipated this is because of the AlgorithmID data item (and > keyDataLength). If I understand correctly, it exactly is the solution > proposed.
The proposed solution is to perform KDF step in AEAD layer. > If the COSE-HPKE draft made Context Info mandatory, we’d be done, > though there may be a better solution. Nope. E.g., -29 has mandatory Context Information Structure, but that does nothing to block this attack. -Ilari _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
