core-wg / oscore-groupcomm

Convenience and security of one key pair for Diffie-Hellman and signing #72

Closed marco-tiloca-sics closed 3 years ago

marco-tiloca-sics commented 3 years ago

Elaborate on the convenience together with the security [DeGabriele] of using the same key pair for Diffie-Hellman (in pairwise mode) and for signing (in group mode). This can extend the text in Section 10.13 "Cryptographic Considerations".

[DeGabriele] Degabriele, J., Lehmann, A., Paterson, K., Smart, N., and M. Strefler, "On the Joint Security of Encryption and Signature in EMV", December 2011. https://eprint.iacr.org/2011/615

marco-tiloca-sics commented 3 years ago

Addressed in https://github.com/core-wg/oscore-groupcomm/commit/1fe710c720aab07b50af876d17e9fa72a55efc18 and https://github.com/core-wg/oscore-groupcomm/commit/92122dc8952d364f69f99b490f7afd5d1d20753f

marco-tiloca-sics commented 3 years ago

This was addressed in v -12 through the commits above, building on [1] and adapting the derivation of pairwise keys accordingly. Followed up by issue #73.

[1] https://eprint.iacr.org/2021/509