The derivation of application_traffic_secret_N+1 looks complicated to me. I don't see a need to use SealBase and OpenBase.
We could use HPKE encap and decap functions to solve the problem. The secret from the encap function can be used as input to the HKDF-Expand-Label to derive application_traffic_secret_N+1.
a) The server generates pkR and skR
b) The client will receive pkR from the server.
c) Client uses Encap
    shared_secret, enc = Encap(pkR)
d) Client sends enc to server
e) The server uses Decap
    shared_secret = Decap(enc, skR)

application_traffic_secret_N+1 =
    HKDF-Expand-Label(shared_secret,
                      "traffic up2", application_traffic_secret_N, Hash.length)
The proposed approach in future will also be compatible with PQC KEM.
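The exchange proposed in this issue, as an added example that is not part of the original post or of the draft it discusses: HKDF-Expand-Label follows RFC 8446 with SHA-256, and the KEM is a toy finite-field Diffie-Hellman stand-in for HPKE's Encap/Decap. The group, the helper names and the sample secret are assumptions for illustration, not secure parameters.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
P, G = 2**255 - 19, 2  # toy DH group standing in for a real HPKE KEM (assumption)

def _i2b(x):
    return x.to_bytes(32, "big")

def kem_keygen():
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)

def encap(pk_r):
    # Ephemeral key pair; enc is the ephemeral public value sent to the server.
    sk_e, enc = kem_keygen()
    dh = pow(pk_r, sk_e, P)
    # Simplified binding of the DH output to enc and pkR (not RFC 9180's KDF).
    return HASH(_i2b(dh) + _i2b(enc) + _i2b(pk_r)).digest(), enc

def decap(enc, sk_r):
    dh = pow(enc, sk_r, P)
    return HASH(_i2b(dh) + _i2b(enc) + _i2b(pow(G, sk_r, P))).digest()

def hkdf_expand(prk, info, length):
    # HKDF-Expand from RFC 5869.
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def hkdf_expand_label(secret, label, context, length):
    # HkdfLabel from RFC 8446: uint16 length, "tls13 " + label, context.
    full_label = b"tls13 " + label
    hkdf_label = (length.to_bytes(2, "big") + bytes([len(full_label)])
                  + full_label + bytes([len(context)]) + context)
    return hkdf_expand(secret, hkdf_label, length)

def next_traffic_secret(shared_secret, traffic_secret_n):
    return hkdf_expand_label(shared_secret, b"traffic up2",
                             traffic_secret_n, HASH().digest_size)

def demo():
    secret_n = bytes(range(32))   # constructed application_traffic_secret_N
    sk_r, pk_r = kem_keygen()     # a) server key pair, b) pkR sent to client
    ss_client, enc = encap(pk_r)  # c) client Encap, d) enc sent to server
    ss_server = decap(enc, sk_r)  # e) server Decap
    return (next_traffic_secret(ss_client, secret_n),
            next_traffic_secret(ss_server, secret_n))
```

Because application_traffic_secret_N enters as the HKDF context, the new secret depends on both the fresh KEM output and the previous traffic secret.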