Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No reference to each suit-cose-profiles #356

Open
kentakayama opened this issue Sep 6, 2023 · 3 comments
Open

No reference to each suit-cose-profiles #356

kentakayama opened this issue Sep 6, 2023 · 3 comments
Assignees
@dthaler
Labels
ready to close

Comments

@kentakayama
Copy link
Contributor

draft-ietf-suit-mti-02 has replaced two profiles we depends.

before -01 => after -02
suit-sha256-es256-ecdh-a128gcm suit-sha256-ecdsa-ecdh-a128ctr
suit-sha256-eddsa-ecdh-a128gcm suit-sha256-eddsa-ecdh-a128ctr

Should we replace each of them?
@kentakayama
Copy link
Contributor Author

@hannestschofenig commented on SUIT ML related to this topic.
The document may re-define suit-sha256-es256-ecdh-a128gcm as [-16, -7, -25, 1] in the future.

https://mailarchive.ietf.org/arch/msg/suit/UksL5L8CuUAcSpU13LSe1kF13HE/

Hi all,

I just realized that the SUIT MTI draft needs to create two versions of the profiles, namely one with

  • an AEAD cipher for use with regular software, configuration data, personalization data, etc. (as used in TEEP). Some IoT devices will also utilize algorithms from this category.
  • Confidentiality-only ciphers. The SUIT MTI draft refers to AES-CTR in the algorithm recommendations.
    The document must also mention that AES-CTR and AES-CBC have to be used only when needed by the use case described in the firmware encryption draft. AEAD ciphers are the default choice.

dthaler added a commit that referenced this issue Sep 27, 2023
@dthaler
Update suit cose profiles
7bf2045 
Addresses #356

Signed-off-by: Dave Thaler <dthaler@microsoft.com>
@dthaler dthaler mentioned this issue Sep 27, 2023
Merged
@dthaler dthaler self-assigned this Sep 27, 2023
@dthaler dthaler mentioned this issue Sep 27, 2023
Merged
@mingpeiwk
Copy link
Collaborator

Noted a typo in the original description:
"suit-sha256-ecdsa-ecdh-a128ctr" should be "suit-sha256-es256-ecdh-a128ctr"

@mingpeiwk
Copy link
Collaborator

@kentakayama Was it a replacement of GCM with CTR or the additional profiles allowed?

dthaler added a commit that referenced this issue Nov 4, 2023
@dthaler
Update suit cose profiles
5b7b43f 
Addresses #356

Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dthaler dthaler

Labels
ready to close
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dthaler @mcd500 @mingpeiwk @kentakayama