draft-thomson-ppm-prss-00 5.1: Why include `Npk` and `Nenc` in `LabeledExtract`?

private-attribution / i-d

Interoperable Private Attributions Internet Drafts

Other

3 stars 3 forks source link

draft-thomson-ppm-prss-00 5.1: Why include `Npk` and `Nenc` in `LabeledExtract`? #27

Closed tgeoghegan closed 3 months ago

tgeoghegan commented 3 months ago

Section 5.1 instructs implementations to include the Npk and Nenc values in the label used to extract entropy from a shared secret. These values are constant parameters of the KEM in use, whose unique ID is already in the label. So why include them? Seems like this just introduces the risk of implementations getting this wrong.

martinthomson commented 3 months ago

I doubt that this will result in an interoperability problem (this is stuff that you have to be careful with anyway), but I do agree that this is redundant. Absent objections, I'll remove this.