Page 1
CMS Interoperability Matrix
Jim Schaad
Soaring Hawk Security
Page 2
Status for RFC 3369
• Errata for ASN.1 module
• Report document is started
• Signed Data – FINISHED
• Encrypted Data – FINISHED
Page 3
Status for RFC 3370
• Key Derivation Algorithms – PBKDF2
• Message Authentication Code Algorithms – HMAC with SHA-1
• Need final ruling from IESG if these are blocking advancement.
Page 4
Questions
Page 5
RSA PSS and CMS
Jim Schaad
Soaring Hawk Security
Page 6
Overview
• PSS is a “new” signature algorithm for RSA key pairs
• Parameters
  – Digest Hash Algorithm (H1)
  – Internal Hash Algorithm (H2)
  – Internal Mask Generation Function (MGF)
    • MGF Hash Algorithm (H3)
  – Salt Length (should be length of H2)
Page 7
Requirements
• H1 and H2 SHOULD be the same
• H2 and H3 RECOMMENDED to be the same
Page 8
Resolved Issues
• Should key identifier and signature identifier be the same OID
  – Will be the case for PSS
• PSS Parameter comparison
  – MUST do comparisons if the parameters are present in the certificate.
Page 9
Questions
Page 10
RSA KEM
Jim Schaad
Soaring Hawk Security
for Burt Kaliski
Page 11
Algorithm Review
• Generate random value z in range 0…n-1
• Encrypt z with recipient public key: c = E(z)
• Derive a KEK: k = KDF(z)
• Encrypt CEK with KEK: wk = KEKk(cek)
• EncryptedKeyValue = c || wk
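The sender and recipient halves of the RSA-KEM steps above, as an added Go example that is not from the slides or from the X9.44 text. It assumes a SHA-256 counter-mode KDF (the KDF2 shape) and a 32-byte KEK, and leaves the CEK wrapping to whichever key-wrapping scheme the parameters name: Encap returns c and the KEK, Decap splits c || wk at the modulus length, rejects a c that is not below n, and returns the rederived KEK together with the still-wrapped wk.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"math/big"
)

// kdf derives keyLen bytes as SHA-256(z || counter), counter = 1, 2, ...
// (the KDF2 shape from X9.44; which KDF applies is an assumption here).
func kdf(z []byte, keyLen int) []byte {
	var out []byte
	for i := uint32(1); len(out) < keyLen; i++ {
		h := sha256.New()
		h.Write(z)
		h.Write(binary.BigEndian.AppendUint32(nil, i))
		out = h.Sum(out)
	}
	return out[:keyLen]
}

// Encap is the sender side: random z in 0..n-1, c = z^e mod n, KEK = KDF(z).
// The caller wraps the CEK under the KEK and transmits c || wk.
func Encap(pub *rsa.PublicKey) (c, kek []byte, err error) {
	z, err := rand.Int(rand.Reader, pub.N)
	if err != nil {
		return nil, nil, err
	}
	k := pub.Size() // byte length of n; c is always exactly this long
	c = new(big.Int).Exp(z, big.NewInt(int64(pub.E)), pub.N).FillBytes(make([]byte, k))
	return c, kdf(z.FillBytes(make([]byte, k)), 32), nil
}

// Decap is the recipient side: split c || wk at the modulus length, recover
// z = c^d mod n and rederive the KEK; wk is returned for the unwrap step.
func Decap(priv *rsa.PrivateKey, enc []byte) (kek, wk []byte, err error) {
	k, c := priv.Size(), new(big.Int)
	if len(enc) <= k || c.SetBytes(enc[:k]).Cmp(priv.N) >= 0 {
		return nil, nil, errors.New("malformed EncryptedKeyValue: need c (< n) || wk")
	}
	z := c.Exp(c, priv.D, priv.N).FillBytes(make([]byte, k))
	return kdf(z, 32), enc[k:], nil
}
```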
Page 12
CMS Details
Use key transport option
id-kts2-basic OID ::= { x9-44 schemes(2) kts2-basic(7) }
KTS2-Parms ::= SEQUENCE {
    kas         [0] KTS2-KeyAgreementScheme,
    kws         [1] KTS2-SymmetricKeyWrappingScheme,
    labelMethod [2] KTS2-LabelMethod
}
Page 13
id-kas1-basic OID ::= { x9-44 schemes(2) kas1-basic(1) }
KAS1-Parms ::= SEQUENCE {
    sves            [0] KAS1-SecretValueEncapsulationScheme,
    kdf             [1] KAS1-KeyDerivationFunction,
    otherInfoMethod [2] KAS1-OtherInfoMethod
}
Page 14
Open Issues
• Matching rules on usage
• SMimeCapabilities
• Single ASN.1 module
Page 15
Questions
Page 16
ESSbis
Jim Schaad
Soaring Hawk Security
Page 17
Changes
• Separate the functions of
  – Receipt Behavior
    • id-aa-receiptPolicy
  – ML Loop Detection
    • id-aa-mlExpandHistory
• Rewrite processing rules
• Move id-aa-contentIdentifier and id-aa-contentReference to section 4
Page 18
ReceiptPolicy
ReceiptPolicy ::= CHOICE {
    none         [0] NULL,
    insteadOf    [1] SEQUENCE SIZE (1..MAX) OF GeneralNames,
    inAdditionTo [2] SEQUENCE SIZE (1..MAX) OF GeneralNames }
id-aa-receiptPolicy OBJECT IDENTIFIER ::= {id-aa XX}
Page 19
MLAExpandHistory
MLAExpandHistory ::= SEQUENCE
    SIZE (1..ub-ml-expansion-history) OF MLAData
id-aa-mlExpandHistory OBJECT IDENTIFIER ::= {id-aa(2) XX}
ub-ml-expansion-history INTEGER ::= 64
MLAData ::= SEQUENCE {
    mailListIdentifier EntityIdentifier,
    expansionTime      GeneralizedTime }
Page 20
Status
• First draft to be published next week
• Open questions on some nested cases for receipt processing behavior
• Open questions on MLA attribute propagation
Page 21
Questions