
[W3C Web Crypto WG] Deciding the algorithms supported by the API

From: GALINDO Virginie <Virginie.GALINDO@gemalto.com>
Date: Tue, 15 May 2012 16:49:10 +0200
To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <1126F161F6F1B24FABD92B850CAFBD6E0102BDE8CEF4@CROEXCFWP04.gemalto.com>
Dear all,

Let's try to decide which algorithms the WG API should support. We can make this decision on the basis that we are not trying to target a specific market, but rather trying to make life easier for any developer thinking about any application. As a consequence we should stick to the state of the art in terms of advanced algorithms, but also state of the art in terms of current implementations.

We had a proposal coming from Microsoft (which is not a participant at the moment) based on current JSON work which can be used as a strawman. What do you think?

Regards,
Virginie
gemalto


For signing/MAC:
   +--------------------+----------------------------------------------+
   | Alg Parameter      | Algorithm                                    |
   | Value              |                                              |
   +--------------------+----------------------------------------------+
   | HS256              | HMAC using SHA-256 hash algorithm            |
   | HS384              | HMAC using SHA-384 hash algorithm            |
   | HS512              | HMAC using SHA-512 hash algorithm            |
   | RS256              | RSA using SHA-256 hash algorithm             |
   | RS384              | RSA using SHA-384 hash algorithm             |
   | RS512              | RSA using SHA-512 hash algorithm             |
   | ES256              | ECDSA using P-256 curve and SHA-256 hash     |
   |                    | algorithm                                    |
   | ES384              | ECDSA using P-384 curve and SHA-384 hash     |
   |                    | algorithm                                    |
   | ES512              | ECDSA using P-521 curve and SHA-512 hash     |
   |                    | algorithm                                    |
   | none               | No digital signature or HMAC value included  |
   +--------------------+----------------------------------------------+

For key encryption:

   +-----------+-------------------------------------------------------+
   | alg       | Encryption Algorithm                                  |
   | Parameter |                                                       |
   | Value     |                                                       |
   +-----------+-------------------------------------------------------+
   | RSA1_5    | RSA using RSA-PKCS1-1.5 padding, as defined in RFC    |
   |           | 3447 [RFC3447]                                        |
   | RSA-OAEP  | RSA using Optimal Asymmetric Encryption Padding       |
   |           | (OAEP), as defined in RFC 3447 [RFC3447]              |
   | ECDH-ES   | Elliptic Curve Diffie-Hellman Ephemeral Static, as    |
   |           | defined in RFC 6090 [RFC6090], and using the Concat   |
   |           | KDF, as defined in [NIST-800-56A], where the Digest   |
   |           | Method is SHA-256 and all OtherInfo parameters are    |
   |           | the empty bit string                                  |
   | A128KW    | Advanced Encryption Standard (AES) Key Wrap Algorithm |
   |           | using 128 bit keys, as defined in RFC 3394 [RFC3394]  |
   | A256KW    | Advanced Encryption Standard (AES) Key Wrap Algorithm |
   |           | using 256 bit keys, as defined in RFC 3394 [RFC3394]  |
   +-----------+-------------------------------------------------------+


For block encryption:

   +-----------+-------------------------------------------------------+
   | enc       | Symmetric Encryption Algorithm                        |
   | Parameter |                                                       |
   | Value     |                                                       |
   +-----------+-------------------------------------------------------+
   | A128CBC   | Advanced Encryption Standard (AES) using 128 bit keys |
   |           | in Cipher Block Chaining mode using PKCS #5 padding,  |
   |           | as defined in [FIPS-197] and [NIST-800-38A]           |
   | A256CBC   | Advanced Encryption Standard (AES) using 256 bit keys |
   |           | in Cipher Block Chaining mode using PKCS #5 padding,  |
   |           | as defined in [FIPS-197] and [NIST-800-38A]           |
   | A128GCM   | Advanced Encryption Standard (AES) using 128 bit keys |
   |           | in Galois/Counter Mode, as defined in [FIPS-197] and  |
   |           | [NIST-800-38D]                                        |
   | A256GCM   | Advanced Encryption Standard (AES) using 256 bit keys |
   |           | in Galois/Counter Mode, as defined in [FIPS-197] and  |
   |           | [NIST-800-38D]                                        |
   +-----------+-------------------------------------------------------+


Received on Tuesday, 15 May 2012 14:49:42 GMT
