Thanks Mike & Orie. This looks very sane.

Mike Prorock
founder - mesur.io

On Wed, Apr 10, 2024, 09:21 Michael Jones <[email protected]> wrote:

> At IETF 119, we’d been asked to describe to the working group what
> including fully-specified ECDH algorithms would look like. Please let us
> know if you’re in favor of addressing this in
> draft-ietf-jose-fully-specified-algorithms or not, and whether you agree
> with the characterization of how to do so below, or if there are specific
> changes you’d suggest.
>
> These registered JOSE algorithms are polymorphic, because they do not
> include the algorithm to be used for the ephemeral key:
>
> ECDH-ES                  ECDH-ES using Concat KDF
> ECDH-ES+A128KW           ECDH-ES using Concat KDF and "A128KW" wrapping
> ECDH-ES+A192KW           ECDH-ES using Concat KDF and "A192KW" wrapping
> ECDH-ES+A256KW           ECDH-ES using Concat KDF and "A256KW" wrapping
>
> Fully-specified versions of these algorithms using combinations that “make
> sense”, per Brian Campbell’s suggestion
> <https://mailarchive.ietf.org/arch/msg/jose/LGqdnxk-ziF2Odm6CuxTUYnaKnc/>,
> would be:
>
> ECDH-ES-P-256            ECDH-ES using Concat KDF and P-256
> ECDH-ES-P-384            ECDH-ES using Concat KDF and P-384
> ECDH-ES-P-521            ECDH-ES using Concat KDF and P-521
> ECDH-ES-X25519           ECDH-ES using Concat KDF and X25519
> ECDH-ES-X448             ECDH-ES using Concat KDF and X448
> ECDH-ES-P-256+A128KW     ECDH-ES using Concat KDF and P-256 and "A128KW" wrapping
> ECDH-ES-X25519+A128KW    ECDH-ES using Concat KDF and X25519 and "A128KW" wrapping
> ECDH-ES-P-384+A192KW     ECDH-ES using Concat KDF and P-384 and "A192KW" wrapping
> ECDH-ES-P-521+A256KW     ECDH-ES using Concat KDF and P-521 and "A256KW" wrapping
> ECDH-ES-X448+A256KW      ECDH-ES using Concat KDF and X448 and "A256KW" wrapping
>
> These registered COSE algorithms are likewise polymorphic, because they do
> not include the algorithm to be used with the ephemeral key or the static
> key:
>
> ECDH-ES + HKDF-256       ECDH ES w/ HKDF -- generate key directly
> ECDH-ES + HKDF-512       ECDH ES w/ HKDF -- generate key directly
> ECDH-SS + HKDF-256       ECDH SS w/ HKDF -- generate key directly
> ECDH-SS + HKDF-512       ECDH SS w/ HKDF -- generate key directly
> ECDH-ES + A128KW         ECDH ES w/ HKDF and AES Key Wrap w/ 128-bit key
> ECDH-ES + A192KW         ECDH ES w/ HKDF and AES Key Wrap w/ 192-bit key
> ECDH-ES + A256KW         ECDH ES w/ HKDF and AES Key Wrap w/ 256-bit key
> ECDH-SS + A128KW         ECDH SS w/ HKDF and AES Key Wrap w/ 128-bit key
> ECDH-SS + A192KW         ECDH SS w/ HKDF and AES Key Wrap w/ 192-bit key
> ECDH-SS + A256KW         ECDH SS w/ HKDF and AES Key Wrap w/ 256-bit key
>
> Fully-specified versions of these algorithms, again using combinations
> that make sense, would be:
>
> ECDH-ES-P-256 + HKDF-256     ECDH ES using P-256 w/ HKDF -- generate key directly
> ECDH-ES-X25519 + HKDF-256    ECDH ES using X25519 w/ HKDF -- generate key directly
> ECDH-ES-P-521 + HKDF-512     ECDH ES using P-521 w/ HKDF -- generate key directly
> ECDH-ES-X448 + HKDF-512      ECDH ES using X448 w/ HKDF -- generate key directly
> ECDH-SS-P-256 + HKDF-256     ECDH SS using P-256 w/ HKDF -- generate key directly
> ECDH-SS-X25519 + HKDF-256    ECDH SS using X25519 w/ HKDF -- generate key directly
> ECDH-SS-P-521 + HKDF-512     ECDH SS using P-521 w/ HKDF -- generate key directly
> ECDH-SS-X448 + HKDF-512      ECDH SS using X448 w/ HKDF -- generate key directly
> ECDH-ES-P-256 + A128KW       ECDH ES using P-256 w/ HKDF and AES Key Wrap w/ 128-bit key
> ECDH-ES-X25519 + A128KW      ECDH ES using X25519 w/ HKDF and AES Key Wrap w/ 128-bit key
> ECDH-ES-P-384 + A192KW       ECDH ES using P-384 w/ HKDF and AES Key Wrap w/ 192-bit key
> ECDH-ES-P-521 + A256KW       ECDH ES using P-521 w/ HKDF and AES Key Wrap w/ 256-bit key
> ECDH-ES-X448 + A256KW        ECDH ES using X448 w/ HKDF and AES Key Wrap w/ 256-bit key
> ECDH-SS-P-256 + A128KW       ECDH SS using P-256 w/ HKDF and AES Key Wrap w/ 128-bit key
> ECDH-SS-X25519 + A128KW      ECDH SS using X25519 w/ HKDF and AES Key Wrap w/ 128-bit key
> ECDH-SS-P-384 + A192KW       ECDH SS using P-384 w/ HKDF and AES Key Wrap w/ 192-bit key
> ECDH-SS-P-521 + A256KW       ECDH SS using P-521 w/ HKDF and AES Key Wrap w/ 256-bit key
> ECDH-SS-X448 + A256KW        ECDH SS using X448 w/ HKDF and AES Key Wrap w/ 256-bit key
>
> Thanks all,
>
> -- Mike & Orie
>
> _______________________________________________
> jose mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/jose
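
Added example (not part of the thread and not the draft authors' code): a recipient-side check showing why the registered JOSE `ECDH-ES*` values are polymorphic. The function names, the `allowed` policy set and the sample headers are assumptions made here for illustration; the returned names are the ones proposed in the quoted message, not registered identifiers.

```python
# Curve -> JWK key type expected in the "epk" header parameter.
CURVE_KTY = {"P-256": "EC", "P-384": "EC", "P-521": "EC",
             "X25519": "OKP", "X448": "OKP"}

# Curve/key-wrap pairings listed in the quoted proposal.
WRAP_CURVES = {"A128KW": {"P-256", "X25519"},
               "A192KW": {"P-384"},
               "A256KW": {"P-521", "X448"}}


def resolve_jose_ecdh(header: dict) -> str:
    """Return the proposed fully-specified name for a polymorphic ECDH-ES header."""
    alg = header.get("alg")
    if alg == "ECDH-ES":
        wrap = None
    elif isinstance(alg, str) and alg.startswith("ECDH-ES+"):
        wrap = alg[len("ECDH-ES+"):]
        if wrap not in WRAP_CURVES:
            raise ValueError(f"unknown key wrap in alg {alg!r}")
    else:
        raise ValueError(f"not a polymorphic ECDH-ES alg: {alg!r}")

    # The curve is only discoverable from the ephemeral public key.
    epk = header.get("epk")
    if not isinstance(epk, dict):
        raise ValueError("ECDH-ES header without an epk object")
    crv = epk.get("crv")
    if not isinstance(crv, str) or crv not in CURVE_KTY:
        raise ValueError(f"unsupported epk curve: {crv!r}")
    if epk.get("kty") != CURVE_KTY[crv]:
        raise ValueError(f"epk kty does not match curve {crv}")
    if wrap is None:
        return f"ECDH-ES-{crv}"
    if crv not in WRAP_CURVES[wrap]:
        raise ValueError(f"{crv} with {wrap} is not in the proposed list")
    return f"ECDH-ES-{crv}+{wrap}"


def is_acceptable(header: dict, allowed: set) -> bool:
    """Recipient-side pin: accept only headers resolving to an allowed name."""
    try:
        return resolve_jose_ecdh(header) in allowed
    except ValueError:
        return False


# Constructed sample headers (key coordinates omitted): same "alg", different curve.
SAMPLE_P256 = {"alg": "ECDH-ES", "epk": {"kty": "EC", "crv": "P-256"}}
SAMPLE_X25519 = {"alg": "ECDH-ES", "epk": {"kty": "OKP", "crv": "X25519"}}
```

Both sample headers carry the same `alg`, yet only one passes a policy that allows `ECDH-ES-P-256` alone, which is the ambiguity a fully-specified identifier removes.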
