COSE WG, After feedback about document scope and dis-interest in GMAC from JOSE WG I have reduced the draft, referenced below, to just AES-GMAC in just the COSE registry. I also added some explanation that the security strengths being registered are in parity with existing AES-GCM for AEAD.
Due to the simplicity of this document I am requesting WG adoption now, expecting that any feedback will be editorial rather than technical. I understand that there are technical caveats to using nonce-based MAC such as this but I believe that these are currently explained in the document and it's up to individual uses to determine whether any specific algorithm(s) are appropriate for their situation. There may be some benefit in explaining in-document the rationale for GMAC in the first place is its speed and likely hardware acceleration for high-rate and high-volume authentication. Thanks for comments, Brian S. ---------- Forwarded message --------- From: <[email protected]> Date: Thu, Jan 23, 2025 at 9:54 AM Subject: New Version Notification for draft-sipos-cose-gmac-00.txt To: Brian Sipos <[email protected]> A new version of Internet-Draft draft-sipos-cose-gmac-00.txt has been successfully submitted by Brian Sipos and posted to the IETF repository. Name: draft-sipos-cose-gmac Revision: 00 Title: AES-GMAC for COSE Date: 2025-01-23 Group: Individual Submission Pages: 7 URL: https://www.ietf.org/archive/id/draft-sipos-cose-gmac-00.txt Status: https://datatracker.ietf.org/doc/draft-sipos-cose-gmac/ HTML: https://www.ietf.org/archive/id/draft-sipos-cose-gmac-00.html HTMLized: https://datatracker.ietf.org/doc/html/draft-sipos-cose-gmac Abstract: This document registers COSE algorithm code points for using the Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) to generate a Message Authentication Code (AES-GMAC). The security strength provided by these registrations is identical to existing COSE registrations for AES-GCM authenticated encryption. The IETF Secretariat
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
