[Openid-specs-ab] Changes to the JOSE use of the Concat KDF to add additional inputs

Mike Jones Michael.Jones at microsoft.com
Wed Aug 29 00:51:41 UTC 2012


Updated sample Concat KDF inputs and outputs are attached.  Previously the Concat inputs for each hash round were:

* Round number
* Content Master Key
* ASCII label ("Encryption" or "Integrity")

Now the hash inputs for each hash round are:

* Round number
* Content Master Key
* Output length in bits
* ASCII "enc" parameter value
* ASCII label ("Encryption" or "Integrity")

Note that the former "enc", "int", and "kdf" parameters are being combined into a single composite "enc" parameter.  The defined values for it will be "A128CBC+HS256", "A256CBC+HS512", "A128GCM", and "A256GCM" (no change for the latter two).  There's one example each for the first two composite algorithms.

Also note that the HMAC SHA-512 hash function is used in the second case.  (Previously, HMAC SHA-256 was always used.)

If any of this is unclear, or if you want to provide other feedback, please let me know.  I'll be producing encryption examples using these values next.

It would be *great* if one or more of you could verify that you can reproduce these results.

Thanks again,
-- Mike

-------------- next part --------------
A non-text attachment was scrubbed...
Name: KeyDerivation.log
Type: application/octet-stream
Size: 3664 bytes
Desc: KeyDerivation.log
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120829/355394f6/attachment-0001.obj>
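
Added example (not part of the message above or of the attached KeyDerivation.log): a sketch of the previous and the updated per-round hash inputs listed in the message, showing what the two new fields bind into the derived key. Assumptions not stated in the message: the round number and output length are encoded as 32-bit big-endian integers, the round hash is plain SHA-256 or SHA-512 depending on "enc", the CEK/CIK sizes are as in KEY_BITS, and the sample CMK is constructed.

```python
import hashlib
import struct

# Assumption: round hash per composite "enc" value (SHA-256 / SHA-512).
HASH_FOR_ENC = {"A128CBC+HS256": hashlib.sha256, "A256CBC+HS512": hashlib.sha512}
# Assumption: (CEK bits, CIK bits) per "enc" value; the message does not list them.
KEY_BITS = {"A128CBC+HS256": (128, 256), "A256CBC+HS512": (256, 512)}


def _expand(hash_fn, out_bits, round_input):
    """Run hash rounds 1..n over round_input(round_no); truncate to out_bits."""
    if out_bits <= 0 or out_bits % 8:
        raise ValueError("out_bits must be a positive multiple of 8")
    out_len = out_bits // 8
    rounds = -(-out_len // hash_fn().digest_size)  # ceiling division
    blocks = [hash_fn(round_input(i)).digest() for i in range(1, rounds + 1)]
    return b"".join(blocks)[:out_len]


def concat_kdf_old(cmk, label, out_bits):
    """Previous inputs: round number, CMK, label (SHA-256 assumed as the hash)."""
    return _expand(hashlib.sha256, out_bits,
                   lambda i: struct.pack(">I", i) + cmk + label.encode("ascii"))


def concat_kdf_new(cmk, enc, label, out_bits):
    """Updated inputs: round number, CMK, output length in bits, enc, label."""
    return _expand(HASH_FOR_ENC[enc], out_bits,
                   lambda i: struct.pack(">I", i) + cmk + struct.pack(">I", out_bits)
                   + enc.encode("ascii") + label.encode("ascii"))


def derive_keys(cmk, enc):
    """Return (CEK, CIK) for a composite enc value."""
    cek_bits, cik_bits = KEY_BITS[enc]
    return (concat_kdf_new(cmk, enc, "Encryption", cek_bits),
            concat_kdf_new(cmk, enc, "Integrity", cik_bits))


CMK = bytes(range(32))  # constructed sample key, not from KeyDerivation.log

if __name__ == "__main__":
    for enc in KEY_BITS:
        cek, cik = derive_keys(CMK, enc)
        print(enc, "CEK", cek.hex(), "CIK", cik.hex())
```

With the old inputs a 128-bit output is a prefix of the 256-bit output for the same key and label; with the output length and "enc" value hashed in, keys derived for different lengths or algorithms are unrelated.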