[jose] JEF (JSON Encryption Format) adoption of JWK

[Anders Rundgren]

Although JEF [1] doesn't offer as many advantages [2] as JCS [3] it shares a 
common characteristic: Removing the need for dressing protected headers in 
Base64Url thanks to the use of ES6 serialization for creating AAD.

Also in similarity with JCS, JEF runs flawlessly on some of the most popular 
platforms there are including Chrome, Android, Java, Node.js.

To make JEF more compliant with JOSE it nowadays builds on a subset of JWA and 
JWK.

Notation using JEF (JSON Encryption Format):
   {
     "algorithm": "A128CBC-HS256",
     "encryptedKey": {
       "algorithm": "ECDH-ES",
       "keyId": "20170101:mybank:ec",
       "ephemeralKey": {
         "kty": "EC",
         "crv": "P-256",
         "x": "ZuESJhuxPPTuloRigAh0aWZrgfFpBgjKQO3qzPFKiKs",
         "y": "_SwkU496ZCpmwiN2WvVVGFMfUstH1mGSZIbcvTtzdtc"
       }
     },
     "iv": "FwpBD07mlfkaoIcrEZouig",
     "tag": "MQYMFMpDtjmlxPop42hoQg",
     "cipherText": "ito6qBV4xYTIv7C4-vNs3d95NNRpCZLC6dhkInrWn8M"
   }

Notation using JWE (JSON Web Encryption):
   {
     "protected": "eyJhbGciOiJFQ0RILUVTIiwia2lkIjoibWVyaWFkb2MuYn
         JhbmR5YnVja0BidWNrbGFuZC5leGFtcGxlIiwiZXBrIjp7Imt0eSI6Ik
         VDIiwiY3J2IjoiUC0yNTYiLCJ4IjoibVBVS1RfYkFXR0hJaGcwVHBqan
         FWc1AxclhXUXVfdndWT0hIdE5rZFlvQSIsInkiOiI4QlFBc0ltR2VBUz
         Q2ZnlXdzVNaFlmR1RUMElqQnBGdzJTUzM0RHY0SXJzIn0sImVuYyI6Ik
         ExMjhDQkMtSFMyNTYifQ",
     "iv": "yc9N8v5sYyv3iGQT926IUg",
     "ciphertext": "BoDlwPnTypYq-ivjmQvAYJLb5Q6l-F3LIgQomlz87yW4O
         PKbWE1zSTEFjDfhU9IPIOSA9Bml4m7iDFwA-1ZXvHteLDtw4R1XRGMEs
         DIqAYtskTTmzmzNa-_q4F_evAPUmwlO-ZG45Mnq4uhM1fm_D9rBtWolq
         ZSF3xGNNkpOMQKF1Cl8i8wjzRli7-IXgyirlKQsbhhqRzkv8IcY6aHl2
         4j03C-AR2le1r7URUhArM79BY8soZU0lzwI-sD5PZ3l4NDCCei9XkoIA
         fsXJWmySPoeRb2Ni5UZL4mYpvKDiwmyzGd65KqVw7MsFfI_K767G9C9A
         zp73gKZD0DyUn1mn0WW5LmyX_yJ-3AROq8p1WZBfG-ZyJ6195_JGG2m9
         Csg",
     "tag": "WCCkNa-x4BeB9hIDIfFuhg"
   }

Anders

1] https://cyberphone.github.io/doc/security/jef.html

2] Non-intrusive enveloped signatures can simplify the design, debugging and 
documentation of message oriented JSON/JavaScript based systems.

3] https://cyberphone.github.io/doc/security/jcs.html

_______________________________________________
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose