Hi all,

If the chairs make an adoption call, I would support it and below would be additional input to be considered for the draft.

Besides KMACs (NIST-approved MACs and PRFs), below are additional functions to be considered for adding. When additional protection against side channel attacks is desired, the 2 MACs below are good ones.

HopMAC128(Key, M, C, L) = KT128(Key, KT128(M, C, 32), L) [1] and
HopMAC256(Key, M, C, L) = KT256(Key, KT256(M, C, 64), L). (A)

Otherwise, KT128(M, Key, L) and KT256(M, Key, L), or KT128(M||Key, C, L) and KT256(M||Key, C, L) should be used. (B)

C is an optional customization string.

B options are more performance efficient than A.

Regards,
Quynh.

[1] https://www.ietf.org/archive/id/draft-irtf-cfrg-kangarootwelve-17.html

On Thu, Jun 26, 2025 at 8:31 AM Sipos, Brian J. <brian.si...@jhuapl.edu> wrote:

> Leonard,
>
> I see that the purely hash algorithm family SHAKE is defined in RFC 9054 [1], are these what you are looking for?
>
> I had also started, but effectively abandoned, a small draft to add KMAC to COSE and JOSE [2] which is a SHA-3 derived MAC algorithm family. If this is something you are interested in, and there is WG support, the draft of just KMAC could be revived.
>
> Brian S.
>
> [1] https://datatracker.ietf.org/doc/html/rfc9054#section-3.3
> [2] https://datatracker.ietf.org/doc/draft-sipos-cose-gmac-kmac/
>
> *From:* Leonard Rosenthol <lrosenth=40adobe....@dmarc.ietf.org>
> *Sent:* Wednesday, June 25, 2025 6:07 PM
> *To:* cose@ietf.org
> *Subject:* [EXT] [COSE] Why is SHA-3 not supported in COSE?
>
> *APL external email warning: *Verify sender forwardingalgori...@ietf.org before clicking links or attachments
>
> Checking the current state of the COSE Algorithm Registry (https://www.iana.org/assignments/cose/cose.xhtml#algorithms) shows that it is not there.
>
> Is there a technical reason for this? Lack of interest by implementors? Other?
>
> I ask because we are getting requests to add it to the C2PA specification, but as we note in our spec (https://c2pa.org/specifications/specifications/2.2/specs/C2PA_Specification.html#_hashing) since the SHA-3 algorithms aren’t on the list, we don’t support it.
>
> Thanks in advance for the info.
>
> Leonard
>
> _______________________________________________
> COSE mailing list -- cose@ietf.org
> To unsubscribe send an email to cose-le...@ietf.org
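The HopMAC128 construction from the message above, as an added example that is not part of the original post or of the draft's reference code: a pure-Python KT128 written from the description in [1], with function names chosen here. It is unoptimized and not constant-time, so it only illustrates how the two KT128 calls are nested.

```python
# Added illustration; function names are chosen here, not taken from the draft.
def rol(a, n):  # 64-bit rotate left
    return ((a << n % 64) | (a >> (64 - n % 64))) & (2**64 - 1)

def keccak_p12(state):  # Keccak-p[1600,12]: the last 12 rounds of Keccak-f[1600]
    A = [[int.from_bytes(state[8*(x+5*y):8*(x+5*y)+8], "little") for y in range(5)] for x in range(5)]
    R = 1
    for rnd in range(24):
        if rnd >= 12:
            C = [A[x][0] ^ A[x][1] ^ A[x][2] ^ A[x][3] ^ A[x][4] for x in range(5)]  # theta
            D = [C[(x+4) % 5] ^ rol(C[(x+1) % 5], 1) for x in range(5)]
            A = [[A[x][y] ^ D[x] for y in range(5)] for x in range(5)]
            x, y, cur = 1, 0, A[1][0]  # rho and pi
            for t in range(24):
                x, y = y, (2*x + 3*y) % 5
                cur, A[x][y] = A[x][y], rol(cur, (t+1)*(t+2)//2)
            A = [[A[x][y] ^ (~A[(x+1) % 5][y] & A[(x+2) % 5][y]) for y in range(5)] for x in range(5)]  # chi
        for j in range(7):  # iota; the round-constant LFSR is clocked in skipped rounds too
            R = ((R << 1) ^ ((R >> 7) * 0x71)) % 256
            if R & 2 and rnd >= 12:
                A[0][0] ^= 1 << ((1 << j) - 1)
    return bytearray(b"".join(A[x][y].to_bytes(8, "little") for y in range(5) for x in range(5)))

def turboshake128(msg, D, outlen):
    p = bytearray(msg) + bytes([D])  # append domain byte D (0x01..0x7F)
    p += bytes(-len(p) % 168)        # zero-fill to the 168-byte rate
    p[-1] ^= 0x80                    # final padding bit
    state, out = bytearray(200), b""
    for i in range(0, len(p), 168):  # absorb
        state[:168] = bytes(a ^ b for a, b in zip(state, p[i:i+168]))
        state = keccak_p12(state)
    while len(out) < outlen:         # squeeze
        out += bytes(state[:168])
        state = keccak_p12(state)
    return out[:outlen]

def length_encode(n):  # big-endian bytes of n without leading zeros, then their count
    return n.to_bytes((n.bit_length() + 7) // 8, "big") + bytes([(n.bit_length() + 7) // 8])

def kt128(msg, custom, outlen):  # KT128(M, C, L) as described in [1]
    S = bytes(msg) + bytes(custom) + length_encode(len(custom))
    chunks = [S[i:i+8192] for i in range(0, len(S), 8192)]
    if len(chunks) == 1:
        return turboshake128(chunks[0], 0x07, outlen)
    cvs = b"".join(turboshake128(c, 0x0B, 32) for c in chunks[1:])  # chaining values
    node = chunks[0] + b"\x03" + bytes(7) + cvs + length_encode(len(chunks) - 1) + b"\xff\xff"
    return turboshake128(node, 0x06, outlen)

def hopmac128(key, msg, custom, outlen):  # option (A): the key meets only a 32-byte digest of M
    return kt128(key, kt128(msg, custom, 32), outlen)
```

In option (A) the outer, keyed call processes the key and a 32-byte digest of the message, while the (B) forms such as `kt128(msg, key, L)` absorb the key in the same pass as the full message.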