
Use HPKE #220

Open. Wants to merge 29 commits into base: formatv2.

Conversation

commial (Contributor) commented Aug 5, 2024

Fix #211

This PR:

  • Wrap the DHKEM implementation from https://github.com/rozbb/rust-hpke
  • Add vector tests from RFC9180 to ensure DHKEM is working as expected
  • Use DHKEM instead of the current ECIES computation in Hybrid KEM. As a result, each recipient uses a different ephemeral key, i.e. the optimization of using the same ephemeral key for each recipient has been removed. Indeed, the size gain is no longer important regarding the size of the MLKEM encapped key, and the implementation is "more standard" this way
  • Implement the KeyScheduling<Mode Base> from RFC 9180 (instead of wrapping the rust-hpke one, for various reasons described in the code)
  • Add vector tests from RFC 9180 to ensure the KeyScheduling and the nonce computing are working as expected
  • Use compute_nonce from RFC 9180 to compute the nonce for each chunk in the Encrypt layer, replacing the STREAM implementation
  • Use HPKE (Hybrid KEM=0x1020, HKDF-SHA512, AES-256-GCM) to derive the key and nonce for the Encrypt layer
  • Use HPKE (Hybrid KEM-recipient=0x1120, HKDF-SHA512, AES-256-GCM) to derive the per-recipient key and nonce used in the Hybrid KEM
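The two pieces of RFC 9180 that the list above leans on for the Encrypt layer, the per-chunk nonce and the suite identifier that labels every KeySchedule derivation, as an added example written for this thread rather than code from the MLA project or from rust-hpke. It assumes the chunk index is the sequence number `seq` of a single AEAD context (the PR text says compute_nonce is used per chunk, not how `seq` is assigned), takes the KEM id 0x1020 from the PR, and takes the HKDF-SHA512 (0x0003) and AES-256-GCM (0x0002) identifiers from the RFC 9180 registry tables; the base nonce in `main` is a constructed value, not a test vector.

```rust
// Added example (not MLA project code): RFC 9180 nonce handling for one
// AEAD context, plus the suite_id that labels every KeySchedule derivation.

/// Nonce length Nn for AES-256-GCM (RFC 9180, Section 7.3).
pub const NN: usize = 12;

/// suite_id = "HPKE" || I2OSP(kem_id, 2) || I2OSP(kdf_id, 2) || I2OSP(aead_id, 2)
/// (RFC 9180, Section 5.1). It domain-separates LabeledExtract/LabeledExpand,
/// so material derived for one ciphersuite cannot collide with another's.
pub fn suite_id(kem_id: u16, kdf_id: u16, aead_id: u16) -> [u8; 10] {
    let mut id = [0u8; 10];
    id[..4].copy_from_slice(b"HPKE");
    id[4..6].copy_from_slice(&kem_id.to_be_bytes());
    id[6..8].copy_from_slice(&kdf_id.to_be_bytes());
    id[8..10].copy_from_slice(&aead_id.to_be_bytes());
    id
}

#[derive(Debug, PartialEq, Eq)]
pub enum NonceError {
    /// IncrementSeq refused: the counter has reached 2^(8*Nn) - 1.
    MessageLimitReached,
}

/// The per-context state that decides nonce uniqueness: the base nonce from
/// the KeySchedule and a sequence counter (key and exporter_secret omitted).
pub struct AeadContext {
    base_nonce: [u8; NN],
    seq: u128,
}

impl AeadContext {
    pub fn new(base_nonce: [u8; NN]) -> Self {
        Self { base_nonce, seq: 0 }
    }

    /// Start at an arbitrary counter value (used here to exercise the limit check).
    pub fn with_seq(base_nonce: [u8; NN], seq: u128) -> Self {
        Self { base_nonce, seq }
    }

    /// ComputeNonce(seq) = base_nonce XOR I2OSP(seq, Nn) (RFC 9180, Section 5.2).
    pub fn compute_nonce(&self) -> [u8; NN] {
        let seq_be = self.seq.to_be_bytes(); // 16 bytes; the low NN bytes carry the counter
        let mut nonce = self.base_nonce;
        for (n, s) in nonce.iter_mut().zip(&seq_be[16 - NN..]) {
            *n ^= s;
        }
        nonce
    }

    /// IncrementSeq(): refuse to advance once the counter could wrap, because a
    /// wrapped counter would repeat a nonce under the same key.
    pub fn increment_seq(&mut self) -> Result<(), NonceError> {
        let limit: u128 = (1u128 << (8 * NN)) - 1;
        if self.seq >= limit {
            return Err(NonceError::MessageLimitReached);
        }
        self.seq += 1;
        Ok(())
    }

    /// Nonce for the next chunk, then advance, mirroring the
    /// "compute nonce, seal, increment" order of ContextS.Seal.
    pub fn next_nonce(&mut self) -> Result<[u8; NN], NonceError> {
        let nonce = self.compute_nonce();
        self.increment_seq()?;
        Ok(nonce)
    }
}

/// Derive nonces for `count` consecutive chunks and check they are pairwise distinct.
pub fn all_distinct(base_nonce: [u8; NN], count: usize) -> bool {
    let mut ctx = AeadContext::new(base_nonce);
    let mut seen: Vec<[u8; NN]> = Vec::with_capacity(count);
    for _ in 0..count {
        match ctx.next_nonce() {
            Ok(n) if !seen.contains(&n) => seen.push(n),
            _ => return false,
        }
    }
    true
}

fn main() {
    // Constructed base nonce (not an RFC vector); a real one comes from the KeySchedule.
    let base = [0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab];
    let mut ctx = AeadContext::new(base);
    for chunk in 0..3u32 {
        println!("chunk {chunk}: nonce {:02x?}", ctx.next_nonce().unwrap());
    }
    println!("suite_id: {:02x?}", suite_id(0x1020, 0x0003, 0x0002));
}
```

Because the nonce is a plain XOR with the counter, every seq value in `0..2^96 - 1` maps to a distinct nonce for a fixed base nonce, and the limit check is what keeps the mapping injective over the lifetime of a key; that is the property the STREAM construction also guaranteed and that this PR now gets from RFC 9180 instead.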

@commial commial added tests Relative to the testing capabilities refactoring Code refactoring labels Aug 5, 2024
@commial commial added this to the Format v2 milestone Aug 5, 2024
@commial commial changed the base branch from master to formatv2 August 5, 2024 15:21
@commial commial changed the title [WIP] Use HPKE Use HPKE Aug 13, 2024
@commial commial mentioned this pull request Aug 14, 2024
extiop commented Nov 9, 2024

https://github.com/ANSSI-FR/MLA/actions/runs/11733324529/job/32687339656?pr=220 can't succeed as the hybrid MLA crate is not yet published, but it does not affect other workflows, for instance tests.

extiop commented Nov 11, 2024

4eaf98d fixes #182 for formatv2

@extiop extiop added the github_actions Pull requests that update GitHub Actions code label Nov 12, 2024
Labels
github_actions Pull requests that update GitHub Actions code refactoring Code refactoring tests Relative to the testing capabilities
Development

Successfully merging this pull request may close these issues.

[Format v2] Consider using HPKE (RFC9180)