- From: GALINDO Virginie <Virginie.GALINDO@gemalto.com>
- Date: Tue, 15 May 2012 16:49:10 +0200
- To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
- Message-ID: <1126F161F6F1B24FABD92B850CAFBD6E0102BDE8CEF4@CROEXCFWP04.gemalto.com>
Dear all, Lets try to decide which algorithms the WG API should support. We can make this decision on the basis that we are not trying to target a specific market, but rather trying to make the life easier of any developer thinking about any application. As a consequence we should stick to the state of the art in terms of advanced algorithms, but also state of the art in terms of current implementations. We had a proposal coming from Microsoft (which is not participant at the moment) based on current JSON work which can be used as a strawman. What do you think ? Regards, Virginie gemalto For signing/MAC: +--------------------+----------------------------------------------+ | Alg Parameter | Algorithm | | Value | | +--------------------+----------------------------------------------+ | HS256 | HMAC using SHA-256 hash algorithm | | HS384 | HMAC using SHA-384 hash algorithm | | HS512 | HMAC using SHA-512 hash algorithm | | RS256 | RSA using SHA-256 hash algorithm | | RS384 | RSA using SHA-384 hash algorithm | | RS512 | RSA using SHA-512 hash algorithm | | ES256 | ECDSA using P-256 curve and SHA-256 hash | | | algorithm | | ES384 | ECDSA using P-384 curve and SHA-384 hash | | | algorithm | | ES512 | ECDSA using P-521 curve and SHA-512 hash | | | algorithm | | none | No digital signature or HMAC value included | +--------------------+----------------------------------------------+ For key encryption: +-----------+-------------------------------------------------------+ | alg | Encryption Algorithm | | Parameter | | | Value | | +-----------+-------------------------------------------------------+ | RSA1_5 | RSA using RSA-PKCS1-1.5 padding, as defined in RFC | | | 3447 [RFC3447<http://tools.ietf.org/html/rfc3447>] | | RSA-OAEP | RSA using Optimal Asymmetric Encryption Padding | | | (OAEP), as defined in RFC 3447<http://tools.ietf.org/html/rfc3447> [RFC3447<http://tools.ietf.org/html/rfc3447>] | | ECDH-ES | Elliptic Curve Diffie-Hellman Ephemeral Static, as | | | defined in RFC 6090<http://tools.ietf.org/html/rfc6090> [RFC6090<http://tools.ietf.org/html/rfc6090>], and using the Concat | | | KDF, as defined in [NIST-800-56A<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01#ref-NIST-800-56A<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01>>], where the Digest | | | Method is SHA-256 and all OtherInfo parameters are | | | the empty bit string | | A128KW | Advanced Encryption Standard (AES) Key Wrap Algorithm | | | using 128 bit keys, as defined in RFC 3394<http://tools.ietf.org/html/rfc3394> [RFC3394<http://tools.ietf.org/html/rfc3394>] | | A256KW | Advanced Encryption Standard (AES) Key Wrap Algorithm | | | using 256 bit keys, as defined in RFC 3394<http://tools.ietf.org/html/rfc3394> [RFC3394<http://tools.ietf.org/html/rfc3394>] | +-----------+-------------------------------------------------------+ For block encryption: +-----------+-------------------------------------------------------+ | enc | Symmetric Encryption Algorithm | | Parameter | | | Value | | +-----------+-------------------------------------------------------+ | A128CBC | Advanced Encryption Standard (AES) using 128 bit keys | | | in Cipher Block Chaining mode using PKCS #5 padding, | | | as defined in [FIPS-197<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01#ref-FIPS-197<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01>>] and [NIST-800-38A<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01#ref-NIST-800-38A<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01>>] | | A256CBC | Advanced Encryption Standard (AES) using 256 bit keys | | | in Cipher Block Chaining mode using PKCS #5 padding, | | | as defined in [FIPS-197<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01#ref-FIPS-197<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01>>] and [NIST-800-38A<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01#ref-NIST-800-38A<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01>>] | | A128GCM | Advanced Encryption Standard (AES) using 128 bit keys | | | in Galois/Counter Mode, as defined in [FIPS-197<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01#ref-FIPS-197<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01>>] and | | | [NIST-800-38D<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01#ref-NIST-800-38D<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01>>] | | A256GCM | Advanced Encryption Standard (AES) using 256 bit keys | | | in Galois/Counter Mode, as defined in [FIPS-197<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01#ref-FIPS-197<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01>>] and | | | [NIST-800-38D<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01#ref-NIST-800-38D<http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01>>] | +-----------+-------------------------------------------------------+ Virginie gemalto
Received on Tuesday, 15 May 2012 14:49:42 UTC