Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Externally Supplied AAD only processed at layer 0 #23

Open
hannestschofenig opened this issue Mar 16, 2023 · 1 comment
Open

Externally Supplied AAD only processed at layer 0 #23

hannestschofenig opened this issue Mar 16, 2023 · 1 comment

Comments

@hannestschofenig
Copy link
Collaborator

Laurence wrote:

However, it doesn’t seem so strongly stated in 9052 that we couldn’t consider an alternative. If I understand correctly Illari recently suggested that external_aad be an empty bstr in COSE_Recipients.

I see some implementation benefits to this. The Externally Supplied AAD would only be processed at layer 0 and wouldn't have to be passed to COSE_Recipient creation saving some code. Theoretically, Externally Supplied AAD can be large which means you have to either have a buffer to hold the entire Enc_structure. While you can’t avoid this at layer 0 it might be nice to avoid it at layer 1.

I don’t see a security issue here. The Externally Supplied AAD is covered just fine at layer 0.

We could specify this only for HPKE.

I don’t think this is a big deal either way and what’s in the -04 draft is OK, but thought I’d bring up the alternative.

Also, It seems like there should be Errata for 9052 here. It could say either it is always Externally Supplied AAD, always an empty bstr or it varies with the key distribution method.

@OR13
Copy link
Contributor

OR13 commented Oct 10, 2023

@hannestschofenig whats your opinion on the relationship of this issue to #25

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants