On Mon, Jul 08, 2024 at 10:46:29AM -0500, Orie Steele wrote: > Because of how COSE handles bulk encryption, any new algorithm that > encrypts a content encryption key needs to explain how that key is > protected from cross mode attacks. > > Laurence's proposal for HPKE specific enc structure seems the most viable > to me.
Yes, it is very much in the right direction. One issue is handling layer0. I think the easiest way would be to use null (0xF6) for next algorithm on layer0. Then there could be full depth instead of traditional Encrypt0/0/1/2+ split. Not that I know any reason to use 2+. -Ilari _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
