FYI the respective PR that reverted to use "dir" is https://github.com/tireddy2/JOSE_HPKE/pull/23/files
S pozdravem, *Filip Skokan* On Tue, 11 Jun 2024 at 10:09, Filip Skokan <[email protected]> wrote: > I've previously pushed exactly this narrative as well and managed to > convince the authors about it. But alas before the latest ID this was > reverted to use dir again. > > - Filip > > 11. 6. 2024 v 9:44, Neil Madden <[email protected]>: > > > > > On 10 Jun 2024, at 22:30, Orie Steele <[email protected]> wrote: > > > Brian wrote: > > > The 'dir" Key Management algorithm for JWE is defined in JWA as Direct > Encryption with a Shared Symmetric Key, which is not what's happening with > that HPKE Direct Encryption mode. > > > This section defines the specifics of directly performing symmetric > key encryption without performing a key wrapping step. In this case, > the shared symmetric key is used directly as the Content Encryption > Key (CEK) value for the "enc" algorithm. > > https://www.rfc-editor.org/rfc/rfc7518.html#section-4.5 > > It is true that when 7518 was written, "alg : dir" only had one meaning, > for example: > > https://datatracker.ietf.org/doc/html/rfc7520#section-5.6 > > In the case of "HPKE Direct Encryption", consider the single shot APIs: > > https://datatracker.ietf.org/doc/html/rfc9180#name-single-shot-apis > > Instead of seeing: > > { > "alg": "dir", > "kid": "77c7e2b8-6e13-45cf-8672-617b5b45243a", > "enc": "A128GCM" > } > > You would see: > > { > "alg": "dir", > "kid": "77c7e2b8-6e13-45cf-8672-617b5b45243a", > "enc": "HPKE-Base-P256-SHA256-A128GCM" > } > > > This is a total nonstarter. “Dir” with any “enc” value currently provides > symmetric *authenticated encryption*. You cannot just change this to > suddenly provide public key unauthenticated encryption. That is an enormous > change in security properties that will absolutely lead to vulnerabilities. > > — Neil > _______________________________________________ > jose mailing list -- [email protected] > To unsubscribe send an email to [email protected] > >
_______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
