Hi all,
Let me add a bit of history to the announcement of this new draft.

As you may know, we have been working for quite a while on the COSE-HPKE specification, see https://datatracker.ietf.org/doc/draft-ietf-cose-hpke/. After a lot of discussions we managed to make fundamental design decisions recently. During those discussions we also talked about the mapping of HPKE to JOSE and we learned (off-list) about implementation work.

At the same time Tiru and Aritra looked into ways to combine PQC algorithms and conventional cryptography in JOSE, which led to the publication of https://datatracker.ietf.org/doc/draft-ra-cose-hybrid-encrypt/. This is referred to as "hybrid key exchange". <draft-ra-cose-hybrid-encrypt> uses a classical ephemeral-static Diffie-Hellman (ES-DH) and combines it with Kyber.

With the registration of X25519Kyber768Draft00 in the IANA HPKE registry, see https://www.iana.org/assignments/hpke/hpke.xhtml, we also have a way to accomplish the same functionality with HPKE.

Hence, we got together and worked on <draft-rha-jose-hpke-encrypt-00.txt>.

I believe it is good to have a JOSE-based version of HPKE that aligns with the work done in COSE. (It is a -00 version and details will change.) I could imagine that many of you will agree with me.

Here is the question that is more difficult to answer: Do we need two solutions offering the "hybrid key exchange" functionality - an HPKE-based and a regular ES-DH-based solution?

I am looking forward to the discussion at the upcoming IETF meeting.

Ciao
Hannes

On 12.10.2023 at 15:55, Aritra Banerjee (Nokia) wrote:
Hello all,

We published a new draft draft-rha-jose-hpke-encrypt-00 - Use of Hybrid Public-Key Encryption (HPKE) with Javascript Object Signing and Encryption (JOSE) (ietf.org) <https://datatracker.ietf.org/doc/draft-rha-jose-hpke-encrypt/> to the JOSE WG.

This document defines the use of the HPKE with JOSE. Feedback and suggestions are welcome.

Regards,
Aritra.

From: [email protected] <[email protected]>
Date: Thursday, 12. October 2023 at 14:48
To: Michael B. Jones <[email protected]>, Tirumaleswar Reddy.K <[email protected]>, Aritra Banerjee (Nokia) <[email protected]>, Hannes Tschofenig <[email protected]>, Hannes Tschofenig <[email protected]>, Michael Jones <[email protected]>, Orie Steele <[email protected]>, Tirumaleswar Reddy <[email protected]>
Subject: New Version Notification for draft-rha-jose-hpke-encrypt-00.txt

A new version of Internet-Draft draft-rha-jose-hpke-encrypt-00.txt has been successfully submitted by Tirumaleswar Reddy and posted to the IETF repository.

Name: draft-rha-jose-hpke-encrypt
Revision: 00
Title: Use of Hybrid Public-Key Encryption (HPKE) with Javascript Object Signing and Encryption (JOSE)
Date: 2023-10-12
Group: Individual Submission
Pages: 23
URL: https://www.ietf.org/archive/id/draft-rha-jose-hpke-encrypt-00.txt
Status: https://datatracker.ietf.org/doc/draft-rha-jose-hpke-encrypt/
HTML: https://www.ietf.org/archive/id/draft-rha-jose-hpke-encrypt-00.html
HTMLized: https://datatracker.ietf.org/doc/html/draft-rha-jose-hpke-encrypt

Abstract:

This specification defines Hybrid public-key encryption (HPKE) for use with Javascript Object Signing and Encryption (JOSE). HPKE offers a variant of public-key encryption of arbitrary-sized plaintexts for a recipient public key.

HPKE works for any combination of an asymmetric key encapsulation mechanism (KEM), key derivation function (KDF), and authenticated encryption with additional data (AEAD) function. Authentication for HPKE in JOSE is provided by JOSE-native security mechanisms or by one of the authenticated variants of HPKE.

This document defines the use of the HPKE with JOSE.

The IETF Secretariat

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
