On Thu, Jul 03, 2025 at 12:33:40PM +0530, tirumal reddy wrote: > Thanks for the detailed feedback. I raised a PR > https://github.com/tireddy2/PQC_JOSE_COSE/pull/11 to address your comments, > please have a look.
AKP can not be used with Direct Key Agreement algorithms in JOSE due to causing serious operational issues with no workarounds. In COSE, there are workarounds, but using AKP with DKA still causes operational issues. The correct kty for ML-KEM keys in COSE and JOSE is OKP (yes, it looks a bit odd). Then the KDF seems to be busted, as it does not seem to mix in the context information. While many fields of standard COSE/JOSE context info are useless (especially the PartyU/PartyV ones), there are still some critical ones. Specifically, for COSE, AlgorithmID, keyDataLength and protected are critical. For JOSE, AlgorithmID and SuppPubInfo are critical. Then, the private context info goes to SuppPrivInfo. -Ilari _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
