Neil, The original motivation is for using AES-GMAC in a high-volume, high-throughput, hardware-accelerated environment; like you say it's fast at the expense of other aspects. During pre-internet-draft review Russ had asked if KMAC could be added here as well, and I obliged as both of these code point registrations are pretty lightweight with just a simple set of parameters for each.
If there is a WG preference for keeping algorithm registrations strictly separated by topic/family then I can pull these apart as separate drafts. Please let me know any opinions. Brian S. On Fri, Dec 13, 2024 at 5:20 PM Neil Madden <[email protected]> wrote: > What’s the motivation for adding these? They seem poles apart in terms of > security properties: GMAC is the live fast, die young of MACs, while KMAC > is slow and conservative. IMO GMAC should not be used outside of GCM. > > — Neil > > On 13 Dec 2024, at 21:39, Brian Sipos <[email protected]> wrote: > > > All, > A real first personal draft of adding GMAC and KMAC into the COSE and JOSE > ecosystems has now been created, linked below. Thanks to John and Russ for > earlier feedback. > I think this document is actually in good enough shape to start creating > some examples using a library such as pycose. If there are any > recommendations or other feedback please let me know. > Brian S. > > ---------- Forwarded message --------- > From: <[email protected]> > Date: Thu, Dec 12, 2024 at 10:41 PM > Subject: New Version Notification for draft-sipos-cose-gmac-kmac-00.txt > To: Brian Sipos <[email protected]> > > > A new version of Internet-Draft draft-sipos-cose-gmac-kmac-00.txt has been > successfully submitted by Brian Sipos and posted to the > IETF repository. > > Name: draft-sipos-cose-gmac-kmac > Revision: 00 > Title: GMAC and KMAC for COSE and JOSE > Date: 2024-12-12 > Group: Individual Submission > Pages: 12 > URL: > https://www.ietf.org/archive/id/draft-sipos-cose-gmac-kmac-00.txt > Status: https://datatracker.ietf.org/doc/draft-sipos-cose-gmac-kmac/ > HTML: > https://www.ietf.org/archive/id/draft-sipos-cose-gmac-kmac-00.html > HTMLized: https://datatracker.ietf.org/doc/html/draft-sipos-cose-gmac-kmac > > > Abstract: > > This document registers JOSE and COSE algorithm code points for using > two new Message Authentication Code (MAC) algorithm families. One is > the Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) > to generate a MAC (AES-GMAC), the other is the SHA-3-derived Keccak > MAC (KMAC). > > > > The IETF Secretariat > > > _______________________________________________ > jose mailing list -- [email protected] > To unsubscribe send an email to [email protected] > >
_______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
