Use of Hybrid Public-Key Encryption (HPKE) with CBOR Object Signing and Encryption (COSE)Arm Limitedhannes.tschofenig@arm.comVigil Security, LLChousley@vigilsec.comArm LimitedBrendan.Moran@arm.com
Security
COSEInternet-DraftThis specification defines hybrid public-key encryption (HPKE) for use with
CBOR Object Signing and Encryption (COSE).Hybrid public-key encryption (HPKE) is a scheme that
provides public key encryption of arbitrary-sized plaintexts given a
recipient’s public key. HPKE utilizes a non-interactive ephemeral-static
Diffie-Hellman exchange to establish a shared secret, which is then used to
encrypt plaintext.The HPKE specification defines several features for use with public key encryption
and a subset of those features is applied to COSE . Since COSE provides
constructs for authenticcation, those are not re-used from the HPKE specification.
This specification uses the “base” mode (as it is called in HPKE specification
language).The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”,
“SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this
document are to be interpreted as described in BCP 14
when, and only when, they appear in all capitals, as shown here.This specification uses the following abbreviations and terms:
- Content-encryption key (CEK), a term defined in RFC 2630 .
- Hybrid Public Key Encryption (HPKE) is defined in .
- pkR is the public key of the recipient, as defined in .
- skR is the private key of the recipient, as defined in .The CDDL for the COSE_Encrypt structure, as used with this specification,
is shown in . The structures referenced below are found in the CDDL.HPKE, when used with COSE, follows a three layer structure:Layer 0 (corresponding to the COSE_Encrypt structure) contains content encrypted
with the CEK. This ciphertext may be detached. If not detached, then it is included
in the COSE_Encrypt structure.Layer 1 (see COSE_recipient_outer structure) includes the encrypted CEK.Layer 2 (in the COSE_recipient_inner structure) contains parameters needed for
HPKE to generate a shared secret used to encrypt the CEK from layer 1.The COSE_recipient_outer structure shown in includes the
encrypted CEK (in the encCEK structure) and the COSE_recipient_inner structure,
also shown in , contains the ephemeral public key
(in the unprotected structure).The SealBase(pkR, info, aad, pt) function is used to encrypt a plaintext pt to
a recipient’s public key (pkR). For use in this specification, the plaintext
“pt” passed into the SealBase is the CEK. The CEK is a random byte sequence of
length appropriate for the encryption algorithm selected in layer 0. For example,
AES-128-GCM requires a 16 byte key and the CEK would therefore be 16 bytes long.The “info” parameter can be used to influence the generation of keys and the
“aad” parameter provides additional authenticated data to the AEAD algorithm
in use. If successful, SealBase() will output a ciphertext “ct” and an encapsulated
key “enc”. The content of enc is the ephemeral public key.The content of the info parameter is based on the ‘COSE_KDF_Context’ structure,
which is detailed in .The recipient will use the OpenBase(enc, skR, info, aad, ct) function with the enc and
ct parameters received from the sender. The “aad” and the “info” parameters are obtained
via the context of the usage.The OpenBase function will, if successful, decrypt “ct”. When decrypted, the result
will be the CEK. The CK is the symmetric key used to decrypt the ciphertext in the
COSE_Encrypt structure.This specification re-uses the context information structure defined in
for use with the HPKE algorithm. This payload becomes the content
of the info parameter for the HPKE functions. For better readability of this specification
the COSE_KDF_Context structure is repeated in .Since this specification may be used in a number of different deployment environments
flexibility for populating the fields in the COSE_KDF_Context structure is provided.For better interoperability, the following recommended settings
are provided:PartyUInfo.identity corresponds to the kid found in the
COSE_Sign_Tagged or COSE_Sign1_Tagged structure (when a digital
signature is used). When utilizing a MAC, then the kid is found in
the COSE_Mac_Tagged or COSE_Mac0_Tagged structure.PartyVInfo.identity corresponds to the kid used for the respective
recipient from the inner-most recipients array.The value in the AlgorithmID field corresponds to the alg parameter
in the protected structure in the inner-most recipients array.keyDataLength is set to the number of bits of the desired output value.protected refers to the protected structure of the inner-most array.An example of the COSE_Encrypt structure using the HPKE scheme is
shown in . It uses the following algorithm
combination:AES-GCM-128 for encryption of detached ciphertext.AES-GCM-128 for encryption of the CEK.Key Encapsulation Mechanism (KEM): NIST P-256Key Derivation Function (KDF): HKDF-SHA256This specification is based on HPKE and the security considerations of HPKE
are therefore applicable also to this specification.HPKE assumes that the sender is in possession of the public key of the recipient.
A system using HPKE COSE has to assume the same assumptions and public key distribution
mechanism is assumed to exist.Since the CEK is randomly generated it must be ensured that the guidelines for
random number generations are followed, see .The SUIT_Encryption_Info structure shown in this document does not provide
authentication. Hence, the SUIT_Encryption_Info structure has to be used in
combination with other COSE constructs, such as the COSE_Sign or COSE_Sign1.This document requests IANA to create new entries in the COSE Algorithms
registry established with .Key words for use in RFCs to Indicate Requirement LevelsIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.Hybrid Public Key EncryptionCiscoInriaInriaCloudflare This document describes a scheme for hybrid public-key encryption
(HPKE). This scheme provides a variant of public-key encryption of
arbitrary-sized plaintexts for a recipient public key. It also
includes three authenticated variants, including one which
authenticates possession of a pre-shared key, and two optional ones
which authenticate possession of a KEM private key. HPKE works for
any combination of an asymmetric key encapsulation mechanism (KEM),
key derivation function (KDF), and authenticated encryption with
additional data (AEAD) encryption function. Some authenticated
variants may not be supported by all KEMs. We provide instantiations
of the scheme using widely used and efficient primitives, such as
Elliptic Curve Diffie-Hellman key agreement, HKDF, and SHA2.
This document is a product of the Crypto Forum Research Group (CFRG)
in the IRTF.
CBOR Object Signing and Encryption (COSE)Concise Binary Object Representation (CBOR) is a data format designed for small code size and small message size. There is a need for the ability to have basic security services defined for this data format. This document defines the CBOR Object Signing and Encryption (COSE) protocol. This specification describes how to create and process signatures, message authentication codes, and encryption using CBOR for serialization. This specification additionally describes how to represent cryptographic keys using CBOR.Randomness Improvements for Security ProtocolsRandomness is a crucial ingredient for Transport Layer Security (TLS) and related security protocols. Weak or predictable "cryptographically secure" pseudorandom number generators (CSPRNGs) can be abused or exploited for malicious purposes. An initial entropy source that seeds a CSPRNG might be weak or broken as well, which can also lead to critical and systemic security problems. This document describes a way for security protocol implementations to augment their CSPRNGs using long-term private keys. This improves randomness from broken or otherwise subverted CSPRNGs.This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.Cryptographic Message SyntaxThis document describes the Cryptographic Message Syntax. This syntax is used to digitally sign, digest, authenticate, or encrypt arbitrary messages. [STANDARDS-TRACK]TBD: Add your name here.