ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[smime] New ID of possible interest

2011-04-21 09:09:30
from [Herzog, Jonathan - 0668 - MITLL] [Permanent Link] 
I would like to inform the SMIME working group of a newly-submitted
Internet Draft that may be of interest:


 The With-MAC key-wrapping algorithm for Cryptographic Message Syntax

  draft-herzog-withmac-keywrap-00

Abstract:

   This document describes a new key-wrapping algorithm to be used in
   the EnvelopedData, AuthenticatedData and AuthEnvelopedData structures
   of the Cryptographic Message Syntax.  Because these structures do not
   provide data-origin authentication, a recipient cannot
   cryptographically verify that the plaintext received was the
   plaintext encapsulated by the message's original sender.  The With-
   MAC key-wrapping algorithm allows an EncryptedKey value to hold both
   a wrapped symmetric key and a MAC value on the data to be
   authenticated.  When used in EnvelopedData, AuthenticatedData and
   AuthEnvelopedData structures, therefore, these structures can achieve
   data-origin authentication (in some circumstances) using only
   symmetric-key algorithms.


https://datatracker.ietf.org/doc/draft-herzog-withmac-keywrap/


A side note: this draft should probably be read in combination with our 
previous draft on static-static ECDH 
(https://datatracker.ietf.org/doc/draft-herzog-static-ecdh/). That draft 
described how a sender might use a certified ECDH key to create an 
EnvelopedData structure (for example). It is unclear, however, how such a 
sender could also provide data-origin authentication without using digital 
signatures. However, that requires a certified signature-capable key, something 
they may not have. This draft provides an alternate approach-- the sender 
provides a MAC value for each recipient.

We welcome all comments and reviews.

Thank you.

-- 
Jonathan Herzog                                                 voice:  (781) 
981-2356
Technical Staff                                                 fax:    (781) 
981-7687
Cyber Systems and Technology Group              email:  
jherzog(_at_)ll(_dot_)mit(_dot_)edu
MIT Lincoln Laboratory                                  www:    
http://www.ll.mit.edu/CST/
244 Wood Street    
Lexington, MA 02420-9185

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [smime] New ID of possible interest, Herzog, Jonathan - 0668 - MITLL <=
Previous by Date:  [smime] Fwd: RFC 6162 on Elliptic Curve Algorithms for Cryptographic Message Syntax (CMS) Asymmetric Key Package Content Type, Paul Hoffman
Next by Date:  [smime] Fwd: Document Action: 'Suite B in Secure/Multipurpose Internet Mail Extensions (S/MIME)' to Informational RFC (draft-housley-rfc5008bis-01.txt), Sean Turner
Previous by Thread:  [smime] Fwd: RFC 6162 on Elliptic Curve Algorithms for Cryptographic Message Syntax (CMS) Asymmetric Key Package Content Type, Paul Hoffman
Next by Thread:  [smime] Fwd: Document Action: 'Suite B in Secure/Multipurpose Internet Mail Extensions (S/MIME)' to Informational RFC (draft-housley-rfc5008bis-01.txt), Sean Turner
Indexes:  [Date] [Thread] [Top] [All Lists]