Mathematical Mesh 3.0 Part VIII: Cryptographic Algorithms
draft-hallambaker-mesh-cryptography-07
Network Working Group P. M. Hallam-Baker
Internet-Draft 2 November 2020
Intended status: Informational
Expires: 6 May 2021
Mathematical Mesh 3.0 Part VIII: Cryptographic Algorithms
draft-hallambaker-mesh-cryptography-07
Abstract
The Mathematical Mesh 'The Mesh' is an infrastructure that
facilitates the exchange of configuration and credential data between
multiple user devices and provides end-to-end security. This
document describes the cryptographic algorithm suites used in the
Mesh and the implementation of Multi-Party Encryption and Multi-Party
Key Generation used in the Mesh.
[Note to Readers]
Discussion of this draft takes place on the MATHMESH mailing list
(mathmesh@ietf.org), which is archived at
https://mailarchive.ietf.org/arch/search/?email_list=mathmesh.
This document is also available online at
http://mathmesh.com/Documents/draft-hallambaker-mesh-
cryptography.html.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 6 May 2021.
Hallam-Baker Expires 6 May 2021 [Page 1]
Internet-Draft Mesh Cryptographic Algorithms November 2020
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
2.2. Defined Terms . . . . . . . . . . . . . . . . . . . . . . 3
2.3. Related Specifications . . . . . . . . . . . . . . . . . 4
2.4. Implementation Status . . . . . . . . . . . . . . . . . . 4
3. Recommended and Required Algorithms . . . . . . . . . . . . . 4
3.1. Mesh Device . . . . . . . . . . . . . . . . . . . . . . . 4
3.2. Constrained Device . . . . . . . . . . . . . . . . . . . 5
4. Multi-Party Cryptography . . . . . . . . . . . . . . . . . . 6
4.1. Application to Diffie Hellman (not normative) . . . . . . 6
4.2. Multi-Party Key Generation . . . . . . . . . . . . . . . 6
4.3. Multi-Party Decryption . . . . . . . . . . . . . . . . . 7
4.4. Mutually Authenticated Key Exchange. . . . . . . . . . . 7
4.5. Implementation . . . . . . . . . . . . . . . . . . . . . 7
4.5.1. Implementation for Ed25519 and Ed448 . . . . . . . . 8
4.5.2. Implementation for X25519 and X448 . . . . . . . . . 8
5. Multi-Party Key Generation . . . . . . . . . . . . . . . . . 9
6. Multi-Party Decryption . . . . . . . . . . . . . . . . . . . 9
6.1. Mechanism . . . . . . . . . . . . . . . . . . . . . . . . 11
6.2. Implementation . . . . . . . . . . . . . . . . . . . . . 12
6.2.1. Group Creation . . . . . . . . . . . . . . . . . . . 12
6.2.2. Provisioning a Member . . . . . . . . . . . . . . . . 13
6.2.3. Message Encryption and Decryption . . . . . . . . . . 13
7. Mutually Authenticated Key Agreement . . . . . . . . . . . . 14
8. Security Considerations . . . . . . . . . . . . . . . . . . . 15
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 15
11. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 15
11.1. Key Combination . . . . . . . . . . . . . . . . . . . . 15
11.1.1. Ed25519 . . . . . . . . . . . . . . . . . . . . . . 16
11.1.2. Ed448 . . . . . . . . . . . . . . . . . . . . . . . 16
11.1.3. X25519 . . . . . . . . . . . . . . . . . . . . . . . 16
11.1.4. X448 . . . . . . . . . . . . . . . . . . . . . . . . 16
11.2. Group Encryption . . . . . . . . . . . . . . . . . . . . 16
Hallam-Baker Expires 6 May 2021 [Page 2]
Show full document text