I encourage the use of only the default IV with AES Key Wrap. Russ
On Apr 9, 2013, at 3:45 PM, jose issue tracker wrote: > #19: JWA needs to specify an IV for use with JWE AES Key Wrap > > Section 4.5 of JSON Web Algorithms specifies the use of AES Key Wrap with > JWE with reference to RFC3394. The RFC does not require a particular > Initial Value to be used, although it defined a "default Initial Value". > > Either: > (a) The JWA specification needs to specify that the default Initial Value > from RFC3394 must be used, or > (b) The JWE specification needs to include an object member to specify the > Initial Value that was used (note that is this distinct from the > Initialization Vector used for the payload encryption). > > I suggest (a) and I am uncertain of the security properties of (b). > > -- > -------------------------+------------------------------------------------- > Reporter: | Owner: draft-ietf-jose-json-web- > [email protected] | [email protected] > Type: defect | Status: new > Priority: minor | Milestone: > Component: json-web- | Version: > algorithms | Keywords: > Severity: - | > -------------------------+------------------------------------------------- > > Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/19> > jose <http://tools.ietf.org/jose/> > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
