Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Requirement about key wrapping #2511

Open
randomstuff opened this issue Jan 8, 2025 · 3 comments
Open

Requirement about key wrapping #2511

randomstuff opened this issue Jan 8, 2025 · 3 comments
Labels
1) Discussion ongoing Issue is opened and assigned but no clear proposal yet AppendixV Appendix with crypto details _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.

Comments

@randomstuff
Copy link
Contributor

Received this feedback form Bart Preneel:

I would add a note stating that a symmetric key should always be wrapped by a key of at least the same length in bits.
@tghosth
Copy link
Collaborator

tghosth commented Jan 8, 2025

@randomstuff where would this fit in? Does this need to be a requirement?

@tghosth tghosth added 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine. AppendixV Appendix with crypto details labels Jan 8, 2025
@randomstuff
Copy link
Contributor Author

@tghosth: I don't know :)

Very-strawman proposal:

6.4.X Verify that when a symmetric key is encrypted by another key, this key encryption key has at least as much entropy as the protected key.

Questions:

  • Do we need to say "key wrap" or is my wording OK?
  • I said "when symmetric key is encrypted" but I think this should apply to private keys as well, isn't it?
  • I replaced "least the same length in bit" by "at least as much entropy", is this OK?

@tghosth
Copy link
Collaborator

tghosth commented Jan 16, 2025

I think keep this in the appendix as it is more of an implementation detail...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1) Discussion ongoing Issue is opened and assigned but no clear proposal yet AppendixV Appendix with crypto details _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@randomstuff @tghosth