[COSE] Re: [EXT] Re: AES-GMAC in COSE

Thu, 31 Oct 2024 09:06:16 -0700 

Russ,

I looked into KMAC and it seems like it can also be included as a set of fully 
specified algorithms parameterized like you mentioned. Other proposed uses in 
IPsec [3] do make use of different customization strings, which might apply in 
this situation but I’ll leave that detail to other experts.

 

I have an initial draft going through internal release review. After that I can 
add you as coauthor if you’d like and can point me to (e.g. a recent draft that 
has) your contact info.

 

Thanks in advance,

Brian S.

 

[3] https://datatracker.ietf.org/doc/draft-salter-ipsecme-sha3/

 

From: Russ Housley <[email protected]> 
Sent: Friday, July 19, 2024 1:49 PM
To: Sipos, Brian J. <[email protected]>
Cc: [email protected]
Subject: [EXT] Re: [COSE] AES-GMAC in COSE

 

Brian:

 

I am willing to assist on the GMAC document.

 

Any reason not to do KMAC as well?  See RFC 8702.   I would think that KMAC 
with SHAKE128 (outputs 256 bits with no customization string) and KMAC with 
SHAKE256 (outputs 512 bitswith no customization string).  I am willing to 
consider other parameter choices if people see a need.

 

Russ





On Jul 19, 2024, at 11:28 AM, Sipos, Brian J. <[email protected]> wrote:

 

All,

I was looking in the COSE algorithms registry [1] for any existing allocations 
for GMAC uses but don’t see any. My reason for looking was that in some 
hardware-accelerated environments AES-GCM is faster than HMAC processing, so a 
GMAC would also benefit from the acceleration.

I expect that a COSE use of AES-GMAC would look similar to the use in CMS [2] 
except that COSE algorithms typically combine options like authentication tag 
size into a single code point, so an initial thought would be max-length tags 
like: AES-GMAC 128/128, AES-GMAC 192/128, AES-GMAC 256/128

 

Would there be WG interest in allocating GMAC algorithms in the near-term time 
supporting max-length tags?

Thanks,

Brian S.

 

[1]  <https://www.iana.org/assignments/cose/cose.xhtml#algorithms> 
https://www.iana.org/assignments/cose/cose.xhtml#algorithms

[2]  <https://datatracker.ietf.org/doc/html/rfc9044> 
https://datatracker.ietf.org/doc/html/rfc9044

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to