https://mailarchive.ietf.org/arch/msg/jose/X32HdYLPan8XPDVCfNxel9aLFT8/
^ See the slides from lamps.

OS

On Wed, Nov 15, 2023 at 4:31 PM Derek Atkins <[email protected]> wrote:

> Ilari,
>
> For those of us who were not in Prague, is there some published reference
> to this attack? Or an accessible summary of it?
>
> Thanks!
>
> -derek
>
> On Wed, November 15, 2023 4:54 pm, Ilari Liusvaara wrote:
> > On Wed, Nov 15, 2023 at 09:29:34PM +0000, lgl island-resort.com wrote:
> >>
> >>
> >> The reason I say Context Info Structure (definition pasted below)
> >> anticipated this is because of the AlgorithmID data item (and
> >> keyDataLength). If I understand correctly, it exactly is the solution
> >> proposed.
> >
> > The proposed solution is to perform KDF step in AEAD layer.
> >
> >
> >> If the COSE-HPKE draft made Context Info mandatory, we’d be done,
> >> though there may be a better solution.
> >
> > Nope. E.g., -29 has mandatory Context Information Structure, but that
> > does nothing to block this attack.
> >
> >
> >
> >
> > -Ilari
> >
> > _______________________________________________
> > COSE mailing list
> > [email protected]
> > https://www.ietf.org/mailman/listinfo/cose
> >
>
>
> --
> Derek Atkins 617-623-3745
> [email protected] www.ihtfp.com
> Computer and Internet Security Consultant
>
> _______________________________________________
> COSE mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/cose
>

--

ORIE STEELE
Chief Technology Officer
www.transmute.industries

<https://transmute.industries>
