Markdown Version | Session Recording

Session Date/Time: 08 Nov 2024 13:00

cose

Summary

This meeting covered several COSE-related drafts, including post-quantum cryptography algorithms, the hash envelope, HPKE security considerations, Merkle mountain range proofs, and a CCF profile for COSE receipts. Key discussions revolved around algorithm agility, the inclusion of context information in key derivation functions, and the interplay between COSE and existing systems.

Key Discussion Points

• Dilithium: Discussion on pre-hashing and separate algorithm identifiers for pre-hashed versions. Working group last call initiated.
• Sphincs: Implementations and test vectors needed.
• Falcon: Waiting for NIST updates.
• Hash Envelope: Presentation on its purpose, the request for IANA allocation of the new labels, and discussion on its use cases compared to other approaches such as EAT and SUIT.
• HPKE: Focus on the "info" parameter, key derivation, and inclusion of algorithm information. A wide variety of options for the construction of the information required as part of key generation were discussed. Concerns were raised about potential attacks due to manipulation of header information.
• Hybrid HPKE: Discussion of combining post-quantum algorithms with established elliptic curve cryptography.
• Merkle Mountain Range Proofs: Presentation on the data structure and its application in COSE receipts. Need to align on profile/individual draft strategy with the CCF profile.
• CCF Profile: Integration of COSE receipts with the Confidential Consortium Framework (CCF).

Decisions and Action Items

• Action Item: Mike ProRock to provide drafts for pre-hashed algorithms for Dilithium.

• Action Item: Steve Lasker to request IANA allocation of tags for the cozy hash envelope.

• Action Item: Gary to suggest text on the list regarding other solutions such as EAT.

• Action Item: Hannes to check and make sure the hash of the payload is not hashed again when it contains a hash-algorithm that already uses hashes.

• Action Item: Reviewers to read and provide feedback on the list:

  • Dilithium
  • Sphincs
  • COSE HPKE KDF draft
  • Merkle mountain range draft (Yogesh, Desh Pandey, Cedric, Peter)
  • CCF profile draft (John, Cetrick)

• Decision: Working group last call initiated for dilithium draft.

• Decision: The implementation of the recommendations made for HPKE should follow a general approach and not a per algorithm approach.

Next Steps

• Authors to update drafts based on feedback.
• Encourage implementations and testing, especially for Sphincs.
• Address open issues and potential security considerations identified in the HPKE discussion.
• Alignment of approach with receipts drafts.