Hello Dmytro, thanks for bringing ASCON here, I'm eager to use it in COSE based systems.
There are concrete ASCON products I'd like to use: * The NIST IPD allows the truncation of the tag to 64 bit. (For comparison, the default algorithm used in RFC8613 OSCORE is AES-CCM-16-64-128, which has 64-bit tags). (If NIST still picks up the request from IEEE and others[1] and some more IETFers[2], also 32-bit tags). * Ascon-Hash256 would be a natural choice for combining with Ascon-AEAD into an EDHOC cipher suite (allowing small implementation sizes due to shared primitives of the AEAD and hash). There's probably no hurry to add them to the document now (when the first iteration cycle is rather about hammering out how things fit with COSE and JOSE), but please consider adding the shorter tag parametrization and the hash as the document matures -- those will be most useful together. BR Christian [1]: https://csrc.nist.gov/files/pubs/sp/800/232/ipd/docs/sp800-232-ipd-public-comments-received.pdf [2]: https://csrc.nist.gov/csrc/media/Events/2023/lightweight-cryptography-workshop-2023/documents/accepted-papers/03-proposals-for-standardization-of-ascon-family.pdf -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
signature.asc
Description: PGP signature
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
