Ilari,

For those of us who were not in Prague, is there some published reference to this attack? Or an accessible summary of it?

Thanks!

-derek

On Wed, November 15, 2023 4:54 pm, Ilari Liusvaara wrote:
> On Wed, Nov 15, 2023 at 09:29:34PM +0000, lgl island-resort.com wrote:
>>
>> The reason I say Context Info Structure (definition pasted below)
>> anticipated this is because of the AlgorithmID data item (and
>> keyDataLength). If I understand correctly, it exactly is the solution
>> proposed.
>
> The proposed solution is to perform KDF step in AEAD layer.
>
>> If the COSE-HPKE draft made Context Info mandatory, we’d be done,
>> though there may be a better solution.
>
> Nope. E.g., -29 has mandatory Context Information Structure, but that
> does nothing to block this attack.
>
> -Ilari
>
> _______________________________________________
> COSE mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/cose
>

--
Derek Atkins 617-623-3745
[email protected] www.ihtfp.com
Computer and Internet Security Consultant
