Network Working Group                                         R. Housley
Internet-Draft                                            Vigil Security
Intended status: Standards Track                            May 10, 2019
Expires: November 11, 2019

      Use of the Hash-based Signature Algorithm with CBOR Object Signing and Encryption (COSE)
                          draft-ietf-cose-hash-sig-03

Abstract

   This document specifies the conventions for using the HSS/LMS hash-based signature algorithm with the CBOR Object Signing and Encryption (COSE) syntax.  The HSS/LMS algorithm is one form of hash-based digital signature; it is described in RFC 8554.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering Task Force (IETF).  Note that other groups may also distribute working documents as Internet-Drafts.  The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time.  It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 11, 2019.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document.  Please review these documents carefully, as they describe your rights and restrictions with respect to this document.  Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Algorithm Security Considerations
     1.2.  Terminology
   2.  LMS Digital Signature Algorithm Overview
     2.1.  Hierarchical Signature System (HSS)
     2.2.  Leighton-Micali Signature (LMS)
     2.3.  Leighton-Micali One-time Signature Algorithm (LM-OTS)
   3.  Hash-based Signature Algorithm Identifiers
   4.  Security Considerations
     4.1.  Implementation Security Considerations
   5.  Operational Considerations
   6.  IANA Considerations
     6.1.  COSE Algorithms Registry Entry
     6.2.  COSE Key Types Registry Entry
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Appendix A.  Examples
     A.1.  Example COSE Full Message Signature
     A.2.  Example COSE_Sign0 Message
   Appendix B.  Acknowledgements
   Author's Address

1.  Introduction

   This document specifies the conventions for using the HSS/LMS hash-based signature algorithm with the CBOR Object Signing and Encryption (COSE) [RFC8152] syntax.  The Leighton-Micali Signature (LMS) system provides a one-time digital signature that is a variant of Merkle Tree Signatures (MTS).  The Hierarchical Signature System (HSS) is built on top of the LMS system to efficiently scale for a larger number of signatures.
   The HSS/LMS algorithm is one form of hash-based digital signature, and it is described in [HASHSIG].  The HSS/LMS signature algorithm can only be used for a fixed number of signing operations.  The number of signing operations depends upon the size of the tree.  The HSS/LMS signature algorithm uses small public keys, and it has low computational cost; however, the signatures are quite large.  The HSS/LMS private key can be very small when the signer is willing to perform additional computation at signing time; alternatively, the private key can consume additional memory and provide a faster signing time.

1.1.  Algorithm Security Considerations

   There have been recent advances in cryptanalysis and advances in the development of quantum computers.  Each of these advances poses a threat to widely deployed digital signature algorithms.

   At Black Hat USA 2013, some researchers gave a presentation on the current state of public key cryptography.  They said: "Current cryptosystems depend on discrete logarithm and factoring which has seen some major new developments in the past 6 months" [BH2013].  Due to advances in cryptanalysis, they encouraged preparation for a day when RSA and DSA cannot be depended upon.

   Peter Shor showed that a large-scale quantum computer could be used to factor a number in polynomial time [S1997], effectively breaking RSA.  If large-scale quantum computers are ever built, these computers will be able to break many of the public-key cryptosystems currently in use.  A post-quantum cryptosystem [PQC] is a system that is secure against quantum computers that have more than a trivial number of quantum bits (qu-bits).  It is open to conjecture when it will be feasible to build such computers; however, RSA, DSA, ECDSA, and EdDSA are all vulnerable if large-scale quantum computers come to pass.

   The HSS/LMS signature algorithm does not depend on the difficulty of discrete logarithm or factoring; as a result, it is considered to be post-quantum secure.

   Hash-based signatures [HASHSIG] are currently defined to use exclusively SHA-256 [SHS].  An IANA registry is defined so that other hash functions could be used in the future.  LM-OTS signature generation prepends a random string as well as other metadata before computing the hash value.  The inclusion of the random value reduces the chances of an attacker being able to find collisions, even if the attacker has a large-scale quantum computer.

   Today, RSA is often used to digitally sign software updates.  This means that the distribution of software updates could be compromised if a significant advance is made in factoring or a large-scale quantum computer is invented.  The use of HSS/LMS hash-based signatures to protect software update distribution, perhaps using the format that is being specified by the IETF SUIT Working Group, will allow the deployment of software that implements new cryptosystems.

1.2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

2.  LMS Digital Signature Algorithm Overview

   This specification makes use of the hash-based signature algorithm specified in [HASHSIG], which is the Leighton and Micali adaptation [LM] of the original Lamport-Diffie-Winternitz-Merkle one-time signature system [M1979][M1987][M1989a][M1989b].
   The hash-based signature algorithm has three major components:

   o  Hierarchical Signature System (HSS) -- see Section 2.1;

   o  Leighton-Micali Signature (LMS) -- see Section 2.2; and

   o  Leighton-Micali One-time Signature Algorithm (LM-OTS) -- see Section 2.3.

   As implied by the name, the hash-based signature algorithm depends on a collision-resistant hash function.  The hash-based signature algorithm specified in [HASHSIG] currently makes use of the SHA-256 one-way hash function [SHS], but it also establishes an IANA registry to permit the registration of additional one-way hash functions in the future.

2.1.  Hierarchical Signature System (HSS)

   The hash-based signature algorithm specified in [HASHSIG] uses a hierarchy of trees.  The Hierarchical N-time Signature System (HSS) allows subordinate trees to be generated when needed by the signer.  Otherwise, generation of the entire tree might take weeks or longer.

   An HSS signature as specified in [HASHSIG] carries the number of signed public keys (Nspk), followed by that number of signed public keys, followed by the LMS signature as described in Section 2.2.  The public key for the top-most LMS tree is the public key of the HSS system.  The LMS private key in the parent tree signs the LMS public key in the child tree, and the LMS private key in the bottom-most tree signs the actual message.  The signature over the public key and the signature over the actual message are LMS signatures as described in Section 2.2.

   The elements of the HSS signature value for a stand-alone tree (a top tree with no children) can be summarized as:

      u32str(0) ||
      lms_signature  /* signature of message */

   The elements of the HSS signature value for a tree with Nspk signed public keys can be summarized as:

      u32str(Nspk) ||
      signed_public_key[0] ||
      signed_public_key[1] ||
         ...
      signed_public_key[Nspk-2] ||
      signed_public_key[Nspk-1] ||
      lms_signature  /* signature of message */

   where, as defined in Section 3.3 of [HASHSIG], a signed_public_key is the lms_signature over the public key followed by the public key itself.  Note that Nspk is the number of levels in the hierarchy of trees minus 1.

2.2.  Leighton-Micali Signature (LMS)

   Each tree in the hash-based signature algorithm specified in [HASHSIG] uses the Leighton-Micali Signature (LMS) system.  LMS systems have two parameters.  The first parameter is the height of the tree, h, which is the number of levels in the tree minus one.  [HASHSIG] includes support for five values of this parameter: h=5; h=10; h=15; h=20; and h=25.  Note that there are 2^h leaves in the tree.  The second parameter is the number of bytes output by the hash function, m, which is the amount of data associated with each node in the tree.  This specification supports only SHA-256, with m=32.  An IANA registry is defined so that other hash functions could be used in the future.

   The [HASHSIG] specification supports five tree sizes:

      LMS_SHA256_M32_H5;
      LMS_SHA256_M32_H10;
      LMS_SHA256_M32_H15;
      LMS_SHA256_M32_H20; and
      LMS_SHA256_M32_H25.

   The [HASHSIG] specification establishes an IANA registry to permit the registration of additional hash functions and additional tree sizes in the future.

   The LMS public key can be summarized as:

      u32str(lms_algorithm_type) || u32str(otstype) || I || T[1]

   An LMS signature consists of four elements: the number of the leaf associated with the LM-OTS signature, an LM-OTS signature as described in Section 2.3, a typecode indicating the particular LMS algorithm, and an array of values that is associated with the path through the tree from the leaf associated with the LM-OTS signature to the root.
   The array of values contains the siblings of the nodes on the path from the leaf to the root but does not contain the nodes on the path itself.  The array for a tree with height h will have h values.  The first value is the sibling of the leaf, the next value is the sibling of the parent of the leaf, and so on up the path to the root.

   The four elements of the LMS signature value can be summarized as:

      u32str(q) ||
      ots_signature ||
      u32str(type) ||
      path[0] || path[1] || ... || path[h-1]

2.3.  Leighton-Micali One-time Signature Algorithm (LM-OTS)

   The hash-based signature algorithm depends on a one-time signature method.  This specification makes use of the Leighton-Micali One-time Signature Algorithm (LM-OTS) [HASHSIG].  An LM-OTS has five parameters:

      n -  The number of bytes output by the hash function.  This specification supports only SHA-256 [SHS], with n=32.

      H -  A preimage-resistant hash function that accepts byte strings of any length, and returns an n-byte string.  This specification supports only SHA-256 [SHS].

      w -  The width in bits of the Winternitz coefficients.  [HASHSIG] supports four values for this parameter: w=1; w=2; w=4; and w=8.

      p -  The number of n-byte string elements that make up the LM-OTS signature.

      ls - The number of left-shift bits used in the checksum function, which is defined in Section 4.5 of [HASHSIG].

   The values of p and ls are dependent on the choices of the parameters n and w, as described in Appendix A of [HASHSIG].

   The [HASHSIG] specification supports four LM-OTS variants:

      LMOTS_SHA256_N32_W1;
      LMOTS_SHA256_N32_W2;
      LMOTS_SHA256_N32_W4; and
      LMOTS_SHA256_N32_W8.

   The [HASHSIG] specification establishes an IANA registry to permit the registration of additional hash functions and additional parameter sets in the future.

   Signing involves the generation of C, which is an n-byte random value.
   The LM-OTS signature value can be summarized as:

      u32str(otstype) || C || y[0] || ... || y[p-1]

3.  Hash-based Signature Algorithm Identifiers

   The CBOR Object Signing and Encryption (COSE) [RFC8152] supports two signature algorithm schemes.  This specification makes use of the signature with appendix scheme for hash-based signatures.

   The signature value is a large byte string.  The byte string is designed for easy parsing, and it includes a counter and type codes that indirectly provide all of the information that is needed to parse the byte string during signature validation.

   When using a COSE key for this algorithm, the following checks are made:

   o  The 'kty' field MUST be present, and it MUST be 'HSS-LMS'.

   o  If the 'alg' field is present, it MUST be 'HSS-LMS'.

   o  If the 'key_ops' field is present, it MUST include 'sign' when creating a hash-based signature.

   o  If the 'key_ops' field is present, it MUST include 'verify' when verifying a hash-based signature.

   o  If the 'kid' field is present, it MAY be used to identify the top of the HSS tree.  In [HASHSIG], this identifier is called 'I', and it is the 16-byte identifier of the LMS public key for the tree.

4.  Security Considerations

4.1.  Implementation Security Considerations

   Implementations must protect the private keys.  Use of a hardware security module (HSM) is one way to protect the private keys.  Compromise of the private keys may result in the ability to forge signatures.  Along with the private key, the implementation must keep track of which leaf nodes in the tree have been used.  Loss of integrity of this tracking data can cause a one-time key to be used more than once.  As a result, when a private key and the tracking data are stored on non-volatile media or stored in a virtual machine environment, care must be taken to preserve confidentiality and integrity.
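   The layouts given in Sections 2.1 to 2.3, and the point made in Section 3 that the counter and type codes alone let a verifier parse the signature byte string, are demonstrated by the following parser.  It is an added example, not code from this draft or from [HASHSIG]: it uses the numeric typecodes that RFC 8554 assigns to the names listed above, derives p and ls from n and w with the Appendix A formulas of RFC 8554, parses the HSS public key from Appendix A.1 of this draft, and walks a zero-filled byte string constructed with the same parameter set, which is a layout placeholder and not a valid signature.

```python
"""Parse HSS/LMS public keys and signature values from their type codes.
Added example, not code from this draft or RFC 8554; typecodes per RFC 8554."""
import math
import struct

N = 32  # SHA-256 output length, the only hash function this draft allows

LMS_TYPES = {5: ("LMS_SHA256_M32_H5", 5),      # typecode -> (name, height h)
             6: ("LMS_SHA256_M32_H10", 10), 7: ("LMS_SHA256_M32_H15", 15),
             8: ("LMS_SHA256_M32_H20", 20), 9: ("LMS_SHA256_M32_H25", 25)}
LMOTS_TYPES = {1: ("LMOTS_SHA256_N32_W1", 1),  # typecode -> (name, width w)
               2: ("LMOTS_SHA256_N32_W2", 2), 3: ("LMOTS_SHA256_N32_W4", 4),
               4: ("LMOTS_SHA256_N32_W8", 8)}

# HSS public key from Appendix A.1 of this draft: L=1, H10 tree, W4 OTS.
EXAMPLE_PUBLIC_KEY = bytes.fromhex(
    "000000010000000600000003d08fabd4a2091ff0a8cb4ed834e7453432a58885"
    "cd9ba0431235466bff9651c6c92124404d45fa53cf161c28f1ad5a8e")

def lmots_params(n, w):
    """(p, ls) for hash length n and Winternitz width w, following
    Appendix A of RFC 8554: u hash chunks plus v checksum chunks."""
    u = math.ceil(8 * n / w)
    v = math.ceil((math.floor(math.log2(u * (2 ** w - 1))) + 1) / w)
    return u + v, 16 - v * w

class Reader:
    # Cursor over a byte string that refuses to read past its end.
    def __init__(self, data):
        self.data, self.pos = data, 0
    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError("truncated at offset %d" % self.pos)
        self.pos += n
        return self.data[self.pos - n:self.pos]
    def u32(self):
        return struct.unpack(">I", self.take(4))[0]

def parse_lms_public_key(r):
    """u32str(lms_algorithm_type) || u32str(otstype) || I || T[1]"""
    lms_type, ots_type = r.u32(), r.u32()
    if lms_type not in LMS_TYPES or ots_type not in LMOTS_TYPES:
        raise ValueError("unknown typecode in public key")
    return {"lms_type": lms_type, "ots_type": ots_type,
            "I": r.take(16), "T1": r.take(N)}

def parse_hss_public_key(data):
    """HSS public key: u32str(L) || LMS public key of the top tree."""
    r = Reader(data)
    key = {"L": r.u32()}
    key.update(parse_lms_public_key(r))
    if r.pos != len(data):
        raise ValueError("trailing bytes after public key")
    return key

def parse_lms_signature(r):
    """u32str(q) || ots_signature || u32str(type) || path[0..h-1], where
    ots_signature = u32str(otstype) || C || y[0..p-1] (Section 2.3)."""
    q, ots_type = r.u32(), r.u32()
    if ots_type not in LMOTS_TYPES:
        raise ValueError("unknown LM-OTS typecode")
    p, _ls = lmots_params(N, LMOTS_TYPES[ots_type][1])
    C, y = r.take(N), [r.take(N) for _ in range(p)]
    lms_type = r.u32()
    if lms_type not in LMS_TYPES:
        raise ValueError("unknown LMS typecode")
    h = LMS_TYPES[lms_type][1]
    if q >= 2 ** h:                     # the tree has only 2^h leaves
        raise ValueError("leaf number q is not below 2^h")
    return {"q": q, "ots_type": ots_type, "C": C, "y": y,
            "lms_type": lms_type, "path": [r.take(N) for _ in range(h)]}

def parse_hss_signature(data, pub):
    """u32str(Nspk) || signed_public_key[0..Nspk-1] || lms_signature; checks
    Nspk against L and each signature's typecodes against its verifying key."""
    r = Reader(data)
    nspk = r.u32()
    if nspk != pub["L"] - 1:            # Section 2.1: Nspk = levels - 1
        raise ValueError("Nspk does not match L in the public key")
    expect, signed_keys = (pub["lms_type"], pub["ots_type"]), []
    for _ in range(nspk + 1):
        sig = parse_lms_signature(r)    # over a child key, or the message
        if (sig["lms_type"], sig["ots_type"]) != expect:
            raise ValueError("signature typecodes differ from the key's")
        if len(signed_keys) < nspk:     # signed_public_key: the key follows
            child = parse_lms_public_key(r)
            expect = (child["lms_type"], child["ots_type"])
            signed_keys.append((sig, child))
    if r.pos != len(data):
        raise ValueError("trailing bytes after signature")
    return {"Nspk": nspk, "signed_public_keys": signed_keys,
            "lms_signature": sig}

def placeholder_hss_signature(pub):
    """Zero-filled one-level HSS signature layout for pub; NOT a valid signature."""
    p, _ls = lmots_params(N, LMOTS_TYPES[pub["ots_type"]][1])
    h = LMS_TYPES[pub["lms_type"]][1]
    ots = struct.pack(">I", pub["ots_type"]) + bytes(N * (1 + p))  # C, y[]
    return (struct.pack(">II", 0, 0) + ots                # Nspk = 0, q = 0
            + struct.pack(">I", pub["lms_type"]) + bytes(N * h))
```

   For the A.1 parameter set the placeholder is 2512 bytes long, which is the length of the signature value carried in the A.1 example.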
   When generating an LMS key pair, an implementation must generate the key pair and the corresponding identifier independently of all other key pairs in the HSS tree.

   An implementation must ensure that an LM-OTS private key is used to generate a signature only one time, and ensure that it cannot be used for any other purpose.

   The generation of private keys relies on random numbers.  The use of inadequate pseudo-random number generators (PRNGs) to generate these values can result in little or no security.  An attacker may find it much easier to reproduce the PRNG environment that produced the keys, searching the resulting small set of possibilities, rather than brute force searching the whole key space.  The generation of quality random numbers is difficult.  [RFC4086] offers important guidance in this area.

   The generation of hash-based signatures also depends on random numbers.  While the consequences of using an inadequate pseudo-random number generator (PRNG) to generate these values are much less severe than for the generation of private keys, the guidance in [RFC4086] remains important.

5.  Operational Considerations

   The public key for the hash-based signature is the key at the root of the Hierarchical Signature System (HSS).  In the absence of a public key infrastructure [RFC5280], this public key is a trust anchor, and the number of signatures that can be generated is bounded by the size of the overall HSS set of trees.  When all of the LM-OTS signatures have been used to produce a signature, then the establishment of a new trust anchor is required.

   To ensure that none of the tree nodes are used to generate more than one signature, the signer maintains state across different invocations of the signing algorithm.  Section 12.2 of [HASHSIG] offers some practical implementation approaches around this statefulness.
   In some of these approaches, nodes are sacrificed to ensure that none are used more than once.  As a result, the total number of signatures that can be generated might be less than the overall HSS set of trees.

6.  IANA Considerations

   IANA is requested to add entries for hash-based signatures in the "COSE Algorithms" registry and hash-based public keys in the "COSE Key Types" registry.

6.1.  COSE Algorithms Registry Entry

   The new entry in the "COSE Algorithms" registry has the following columns:

      Name: HSS-LMS

      Value: TBD (Value to be assigned by IANA)

      Description: HSS/LMS hash-based digital signature

      Reference: This document (Number to be assigned by RFC Editor)

      Recommended: Yes

6.2.  COSE Key Types Registry Entry

   The new entry in the "COSE Key Types" registry has the following columns:

      Name: HSS-LMS

      Value: TBD (Value to be assigned by IANA)

      Description: Public key for HSS/LMS hash-based digital signature

      Reference: This document (Number to be assigned by RFC Editor)

7.  References

7.1.  Normative References

   [HASHSIG]  McGrew, D., Curcio, M., and S. Fluhrer, "Leighton-Micali Hash-Based Signatures", RFC 8554, April 2019.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997.

   [RFC8152]  Schaad, J., "CBOR Object Signing and Encryption (COSE)", RFC 8152, DOI 10.17487/RFC8152, July 2017.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017.

   [SHS]      National Institute of Standards and Technology (NIST), "Secure Hash Standard", FIPS Publication 180-3, 2008.

7.2.  Informative References

   [BH2013]   Ptacek, T., Ritter, T., Samuel, J., and A. Stamos, "The Factoring Dead: Preparing for the Cryptopocalypse", August 2013.

   [LM]       Leighton, F. and S. Micali, "Large provably fast and secure digital signature schemes from secure hash functions", U.S. Patent 5,432,852, July 1995.

   [M1979]    Merkle, R., "Secrecy, Authentication, and Public Key Systems", Stanford University Information Systems Laboratory Technical Report 1979-1, 1979.

   [M1987]    Merkle, R., "A Digital Signature Based on a Conventional Encryption Function", Lecture Notes in Computer Science crypto87, 1988.

   [M1989a]   Merkle, R., "A Certified Digital Signature", Lecture Notes in Computer Science crypto89, 1990.

   [M1989b]   Merkle, R., "One Way Hash Functions and DES", Lecture Notes in Computer Science crypto89, 1990.

   [PQC]      Bernstein, D., "Introduction to post-quantum cryptography", 2009.

   [RFC4086]  Eastlake 3rd, D., Schiller, J., and S. Crocker, "Randomness Requirements for Security", BCP 106, RFC 4086, DOI 10.17487/RFC4086, June 2005.

   [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008.

   [S1997]    Shor, P., "Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer", SIAM Journal on Computing 26(5), 1484-26, 1997.

Appendix A.  Examples

   This appendix provides an example of a COSE full message signature and an example of a COSE_Sign0 message.

   The programs that were used to generate the examples can be found at https://github.com/cose-wg/Examples.

A.1.  Example COSE Full Message Signature

   This section provides an example of a COSE full message signature.
   {
     "title":"HSS LMS Hash based signature - hsssig-01",
     "input":{
       "plaintext":"This is the content.",
       "sign":{
         "protected":{
           "ctyp":0
         },
         "signers":[
           {
             "key":{
               "kty":"HSS-LMS",
               "kid":"ItsBig",
               "comment":"1 level key - LM_SHA256_MD32_H10 + LMOTS_SHA256_N32_W4 ",
               "public":"000000010000000600000003d08fabd4a2091ff0a8cb4ed834e7453432a58885cd9ba0431235466bff9651c6c92124404d45fa53cf161c28f1ad5a8e",
               "private":"1|6|3|558B8966C48AE9CB898B423C83443AAE014A72F1B1AB5CC85CF1D892903B5439|1|d08fabd4a2091ff0a8cb4ed834e74534"
             },
             "unprotected":{
               "kid":"ItsBig"
             },
             "protected":{
               "alg":"HSS-LMS"
             }
           }
         ]
       },
       "rng_description":"Random value for signature",
       "rng_stream":[
         "ACFC5C7377D45C969DF7D7289882A48C1A10E5C48B6E29DF5018D3E683E36BC5"
       ]
     },
     "intermediates":{
       "signers":[
         {
           "ToBeSign_hex":"85695369676E617475726543A103004AA101674853532D4C4D534054546869732069732074686520636F6E74656E742E"
         }
       ]
     },
     "output":{
       "cbor_diag":"98([h'A10300', {}, h'546869732069732074686520636F6E74656E742E', [[h'A101674853532D4C4D53', {4: h'497473426967'}, h'<2512-byte HSS/LMS signature value omitted>']]])",
       "cbor":"<hex encoding of the complete COSE_Sign message omitted>"
     }
   }
6EB56BDA75B0421DF87F7FD1F08808B58DD3647472D90F8F9459C \ 567 775BFF5930956EBD7BF4D5F6B26BC53196FF9B660949B23154B9C \ 568 E7A0DF55E9083B42A90D82F8D1DE2F62770EBDCE42A4A50448854 \ 569 15C7BA81EFED2BCF8C1B6932215646E9EF160DDD79CA4DD6F4774 \ 570 85BB5B01AAD4DF4D6D45942B935C74D35BD340D9D83CBC8F8A719 \ 571 D6BB5CE098091C8787E193C84CE386355C55807A17CE1BFF830D4 \ 572 B87D63646EF8FC1E9E9071BB67A123FDEC3F37638CDAF0F4BF308 \ 573 4074069171C10C4670163B9626635ADE3BD6D7917D0B029C7D4B8 \ 574 8B005473B6FF3862FB491CD1E1F6069B306C4EF8AE4C7F83EB320 \ 575 A20406AA7FFF84BFDD22AD876B4661ED5D38F35591625F1D53DC1 \ 576 BD472D1B4D93E93DA31A8CD5CEA70B6DD7BCFA510E5BD31C1AA60 \ 577 BD252071D689C9D9CC1EDFE8AA0235C654F758FC8936515AE3441 \ 578 C3B9F2AFFA164AF2999C6994C54F0AC923F0E6ED8C48C6148234E \ 579 ADB87ABEA3C935B3D9682E6D121506131E6928474327E1E47CE7C \ 580 9D9BD4C36E7A274664B21B1E6304CCD6111E53159775196AAC4D5 \ 581 9ED5FF553F4EC9597DF17873BB5E47827D83AA48BD22849D5A97C \ 582 93A106672BDEB52ED7B6D2C56CE32700513C0FC04F26549A6FC5C \ 583 DBB5634C0BFBB6EF1FAADA66923D21BAB3BF62C6DD6D7DAAB67AB \ 584 A8923C4CF1CC8ABB47F33DF12617C38A7B1DB13E6B2D6E23DFA59 \ 585 F8E760966B7B17A5B492C6AE25920E8F697F7666D02222CD48852 \ 586 7DB55DAABD2F82D927BBB7EC06B833D4BBE08680A54B1E062D938 \ 587 8530B1F96696F712457AF44705400D8F443FAFB01D76FD6075D20 \ 588 845044ACCEA54DC4872A97C2DBCF0A9968001CB7C22F9D9387A76 \ 589 630FE4A825AA4054A3E5BA1486F5AD7B2A87FD4B248DCEE4E6EC1 \ 590 A2B8A2D2BFB19A74CA3027338633B18865EB5A16997D2DD3BC441 \ 591 35E47220182BC1FB7445037C3524641CF69370D0627C04C43A14E \ 592 778BADCFD7961551A9FCB95A8D4162A94110BC703F5F49CB85322 \ 593 CA9007322F2DBE55DC237FAED2FBF9C953EF9F5EBBDC0058BFD69 \ 594 475A87D32E4A9E5C266012B0CCE1E507AD10FC01D7E00FBF5556E \ 595 A9DC716B812357F0BE844FD14C33C582E80EB1603D78C00A6E9F6 \ 596 7EB8981A04581122F3F0DDCF997F6F7CB637857C07DEC7353DA14 \ 597 03BAAFAC8DB374922198081D77F52DB3F8B6281471D53BB11C6DA \ 598 56DD733632021F584E207FD61222C4FFEFAA74214C7634B6171C9 \ 599 
5905CA05D9A3A686A7BA541BFA59A76F9CB85F4A5272BC6209A41 \ 600 CF83A22EF22074B2760118952B8282ACEF179B26C879D2C8B4238 \ 601 979E4BD512D8A5D20578810E134F254B4C1D22685B58537632259 \ 602 BB6B4CC14FB6E6C94C1087441A81F11B9A83535B24DDC725A81A9 \ 603 D1FF62DA2804C8D84C6E3837D97DEF03AA275D348E7C0AA4A46A3 \ 604 9EDDDD55C45513AB692BD7DEC0F0B142F3E7075CBEA436F3791AF \ 605 2C6E014F73C8A29464393BBB56ACE6A7048F1E444934125C9B5F7 \ 606 8A5AA130F238A441DBEC5EA73F61D00D059CB2A137D6F9EC27306 \ 607 8B2545549E525055CDE70F7C7C28FB4CADC251AE6FE3186DF1987 \ 608 0661831E95C76450146654A3D36184CFFAA1EFC684ACD21D2498E \ 609 298FD18E99D5C6AFAF5588CCDDC2475B9E8294677924FA8283094 \ 610 810F7DD9FEF57DFF359805725ED044AC13D1794D7949FE0EAFC42 \ 611 5933A7D788035C6C825A580EC3E26F7B3BE31FB98A7F67BCC6FF5 \ 612 1ABEA2A7D9FF6D898018B5FBEE74D892C8694101236E20991499D \ 613 0385A18B290BCF2938806D602E27800C21B2E38C65B987B10D360 \ 614 B2C674EED6A6205F251A0E68B7D57060DE5E3F599BA197997EE49 \ 615 DA7D6AB97119F03AF737CE914B004462AA07C61B15311BBA10FC5 \ 616 BB68A2621E47BE3374222DFFDE29C7910418F6D9E4DD1B7B7A9B3 \ 617 600689019F188EA696B7951A10C15E9BD01A5160E1A571942E223 \ 618 C6F29A70528E5CF7A52F1F60806A9FF729E76D69BFD315383F031 \ 619 C3863650757F1EF75D474935147FBAA9A6DA0ABF7C5BCF4E05026 \ 620 FD134AC20815A3A81A026213EA50FF1454F2399518DD359D49D9E \ 621 475DA432FFD4B953875FDB7A7EA7D04AC13D4102851D90BAB6527 \ 622 72527E85C485E863D9A1AC76BC0474D53FA5E6A77E64210788FBD \ 623 EB5696C6DEEEDF18AAC2BC74FC861AB770175A032273E4D5D7366 \ 624 C8FFE6F446995B564FC3D59C70FECDB60A25E28650417157F43F3 \ 625 E72C3AFC2372EC9D0787CB37BFAC383648E7A168EAACCA7C55505 \ 626 F93E9A09310320CB5184512F583F2FEA5853C36E6E43A6E6BE182 \ 627 185F04FE4B05170865618A51CF25542EADF473D5794295BDC86FC \ 628 6909D301E952346E32D69320D333BCA39B4FF8AF7E199BD55D919 \ 629 0F1FED4D3225274F03A1806E201ED2D040509FD7FA67C9CE6068E \ 630 C54B56D53BF47E67B5B8B6382A0CB69A61D7FBC2DDEDA171D4F70 \ 631 14262FC77F454A3E68E6EFB7C31C4080024C8027FD8D6CE648B78 \ 632 
2B56B762BEE5ADA237D018689B58902CBAC4E44C931416B47CD5E \ 633 20026D5B81B407A0E29CAAEC81F1C3528463132F00589A9F8021A \ 634 74109F8DBF81FE282C1F58BF3F2A52C560E38BFD68B2D28679CBC \ 635 089F2C9C3FC245FF5FA3ADA7F7973D9BD4BEC69B1F0C71416A6C4 \ 636 F00000006ED1CE8C6E437918D43FBA7BD9385694C41182703F6B7 \ 637 F704DEEDD9384BA6F8BC362C948646B3C9848803E6D9BA1F7D396 \ 638 7F709CDDD35DC77D60356F0C36808900B491CB4ECBBABEC128E7C \ 639 81A46E62A67B57640A0A78BE1CBF7DD9D419A10CD8686D16621A8 \ 640 0816BFDB5BDC56211D72CA70B81F1117D129529A7570CF79CF52A \ 641 7028A48538ECDD3B38D3D5D62D26246595C4FB73A525A5ED2C305 \ 642 24EBB1D8CC82E0C19BC4977C6898FF95FD3D310B0BAE71696CEF9 \ 643 3C6A552456BF96E9D075E383BB7543C675842BAFBFC7CDB88483B \ 644 3276C29D4F0A341C2D406E40D4653B7E4D045851ACF6A0A0EA9C7 \ 645 10B805CCED4635EE8C107362F0FC8D80C14D0AC49C516703D26D1 \ 646 4752F34C1C0D2C4247581C18C2CF4DE48E9CE949BE7C888E9CAEB \ 647 E4A415E291FD107D21DC1F084B1158208249F28F4F7C7E931BA7B \ 648 3BD0D824A4570']]])", 650 "cbor":"D8628443A10300A054546869732069732074686520636F6E7 \ 651 4656E742E81834AA101674853532D4C4D53A10446497473426967 \ 652 5909D000000000000000010000000391291DE76CE6E24D1E2A9B6 \ 653 0266519BC8CE889F814DEB0FC00EDD3129DE3AB9BFC0F5DA46923 \ 654 923AA3209BF9E1480AB78906D79D4C9280ADC6300C182CB33429C \ 655 E0035FE3E2E4428770D22F85687A18AEE76CDC2F8E8F40043B314 \ 656 A68E72F9F679F7E3A5A34594E7673EEB70E840FBFFDA398EC59BF \ 657 0236FDD34ACE319DC1EAD1BD22B0213A0946160F30168A6E193C5 \ 658 7C32BB017C22529EC3760FF93358633D5A69F7F0850BD720E72FF \ 659 758B19D4E27D114B1E6321BFDF1859102E723A3B1F1AE5BC53EC8 \ 660 732FF1B2C4D384137E8EEEC94804CB47C823C0B01441E28B178E1 \ 661 F5A904CF7592AAACF820C97E7714B69FCA4BABE97854B0C00A705 \ 662 CAE7BA9112D182C21BCE3F10EA70C324F466749279610A3477B03 \ 663 E3622169438C27CD46FCAD769D010D0B13A06F5CD00D93A2EEB2B \ 664 B0E25BFFD2A08C8DDF0653518B7BFEDB3B46EB56BDA75B0421DF8 \ 665 7F7FD1F08808B58DD3647472D90F8F9459C775BFF5930956EBD7B \ 666 
F4D5F6B26BC53196FF9B660949B23154B9CE7A0DF55E9083B42A9 \ 667 0D82F8D1DE2F62770EBDCE42A4A5044885415C7BA81EFED2BCF8C \ 668 1B6932215646E9EF160DDD79CA4DD6F477485BB5B01AAD4DF4D6D \ 669 45942B935C74D35BD340D9D83CBC8F8A719D6BB5CE098091C8787 \ 670 E193C84CE386355C55807A17CE1BFF830D4B87D63646EF8FC1E9E \ 671 9071BB67A123FDEC3F37638CDAF0F4BF3084074069171C10C4670 \ 672 163B9626635ADE3BD6D7917D0B029C7D4B88B005473B6FF3862FB \ 673 491CD1E1F6069B306C4EF8AE4C7F83EB320A20406AA7FFF84BFDD \ 674 22AD876B4661ED5D38F35591625F1D53DC1BD472D1B4D93E93DA3 \ 675 1A8CD5CEA70B6DD7BCFA510E5BD31C1AA60BD252071D689C9D9CC \ 676 1EDFE8AA0235C654F758FC8936515AE3441C3B9F2AFFA164AF299 \ 677 9C6994C54F0AC923F0E6ED8C48C6148234EADB87ABEA3C935B3D9 \ 678 682E6D121506131E6928474327E1E47CE7C9D9BD4C36E7A274664 \ 679 B21B1E6304CCD6111E53159775196AAC4D59ED5FF553F4EC9597D \ 680 F17873BB5E47827D83AA48BD22849D5A97C93A106672BDEB52ED7 \ 681 B6D2C56CE32700513C0FC04F26549A6FC5CDBB5634C0BFBB6EF1F \ 682 AADA66923D21BAB3BF62C6DD6D7DAAB67ABA8923C4CF1CC8ABB47 \ 683 F33DF12617C38A7B1DB13E6B2D6E23DFA59F8E760966B7B17A5B4 \ 684 92C6AE25920E8F697F7666D02222CD488527DB55DAABD2F82D927 \ 685 BBB7EC06B833D4BBE08680A54B1E062D9388530B1F96696F71245 \ 686 7AF44705400D8F443FAFB01D76FD6075D20845044ACCEA54DC487 \ 687 2A97C2DBCF0A9968001CB7C22F9D9387A76630FE4A825AA4054A3 \ 688 E5BA1486F5AD7B2A87FD4B248DCEE4E6EC1A2B8A2D2BFB19A74CA \ 689 3027338633B18865EB5A16997D2DD3BC44135E47220182BC1FB74 \ 690 45037C3524641CF69370D0627C04C43A14E778BADCFD7961551A9 \ 691 FCB95A8D4162A94110BC703F5F49CB85322CA9007322F2DBE55DC \ 692 237FAED2FBF9C953EF9F5EBBDC0058BFD69475A87D32E4A9E5C26 \ 693 6012B0CCE1E507AD10FC01D7E00FBF5556EA9DC716B812357F0BE \ 694 844FD14C33C582E80EB1603D78C00A6E9F67EB8981A04581122F3 \ 695 F0DDCF997F6F7CB637857C07DEC7353DA1403BAAFAC8DB3749221 \ 696 98081D77F52DB3F8B6281471D53BB11C6DA56DD733632021F584E \ 697 207FD61222C4FFEFAA74214C7634B6171C95905CA05D9A3A686A7 \ 698 BA541BFA59A76F9CB85F4A5272BC6209A41CF83A22EF22074B276 \ 699 
            0118952B8282ACEF179B26C879D2C8B4238979E4BD512D8A5D205 \
            78810E134F254B4C1D22685B58537632259BB6B4CC14FB6E6C94C \
            1087441A81F11B9A83535B24DDC725A81A9D1FF62DA2804C8D84C \
            6E3837D97DEF03AA275D348E7C0AA4A46A39EDDDD55C45513AB69 \
            2BD7DEC0F0B142F3E7075CBEA436F3791AF2C6E014F73C8A29464 \
            393BBB56ACE6A7048F1E444934125C9B5F78A5AA130F238A441DB \
            EC5EA73F61D00D059CB2A137D6F9EC273068B2545549E525055CD \
            E70F7C7C28FB4CADC251AE6FE3186DF19870661831E95C7645014 \
            6654A3D36184CFFAA1EFC684ACD21D2498E298FD18E99D5C6AFAF \
            5588CCDDC2475B9E8294677924FA8283094810F7DD9FEF57DFF35 \
            9805725ED044AC13D1794D7949FE0EAFC425933A7D788035C6C82 \
            5A580EC3E26F7B3BE31FB98A7F67BCC6FF51ABEA2A7D9FF6D8980 \
            18B5FBEE74D892C8694101236E20991499D0385A18B290BCF2938 \
            806D602E27800C21B2E38C65B987B10D360B2C674EED6A6205F25 \
            1A0E68B7D57060DE5E3F599BA197997EE49DA7D6AB97119F03AF7 \
            37CE914B004462AA07C61B15311BBA10FC5BB68A2621E47BE3374 \
            222DFFDE29C7910418F6D9E4DD1B7B7A9B3600689019F188EA696 \
            B7951A10C15E9BD01A5160E1A571942E223C6F29A70528E5CF7A5 \
            2F1F60806A9FF729E76D69BFD315383F031C3863650757F1EF75D \
            474935147FBAA9A6DA0ABF7C5BCF4E05026FD134AC20815A3A81A \
            026213EA50FF1454F2399518DD359D49D9E475DA432FFD4B95387 \
            5FDB7A7EA7D04AC13D4102851D90BAB652772527E85C485E863D9 \
            A1AC76BC0474D53FA5E6A77E64210788FBDEB5696C6DEEEDF18AA \
            C2BC74FC861AB770175A032273E4D5D7366C8FFE6F446995B564F \
            C3D59C70FECDB60A25E28650417157F43F3E72C3AFC2372EC9D07 \
            87CB37BFAC383648E7A168EAACCA7C55505F93E9A09310320CB51 \
            84512F583F2FEA5853C36E6E43A6E6BE182185F04FE4B05170865 \
            618A51CF25542EADF473D5794295BDC86FC6909D301E952346E32 \
            D69320D333BCA39B4FF8AF7E199BD55D9190F1FED4D3225274F03 \
            A1806E201ED2D040509FD7FA67C9CE6068EC54B56D53BF47E67B5 \
            B8B6382A0CB69A61D7FBC2DDEDA171D4F7014262FC77F454A3E68 \
            E6EFB7C31C4080024C8027FD8D6CE648B782B56B762BEE5ADA237 \
            D018689B58902CBAC4E44C931416B47CD5E20026D5B81B407A0E2 \
            9CAAEC81F1C3528463132F00589A9F8021A74109F8DBF81FE282C \
            1F58BF3F2A52C560E38BFD68B2D28679CBC089F2C9C3FC245FF5F \
            A3ADA7F7973D9BD4BEC69B1F0C71416A6C4F00000006ED1CE8C6E \
            437918D43FBA7BD9385694C41182703F6B7F704DEEDD9384BA6F8 \
            BC362C948646B3C9848803E6D9BA1F7D3967F709CDDD35DC77D60 \
            356F0C36808900B491CB4ECBBABEC128E7C81A46E62A67B57640A \
            0A78BE1CBF7DD9D419A10CD8686D16621A80816BFDB5BDC56211D \
            72CA70B81F1117D129529A7570CF79CF52A7028A48538ECDD3B38 \
            D3D5D62D26246595C4FB73A525A5ED2C30524EBB1D8CC82E0C19B \
            C4977C6898FF95FD3D310B0BAE71696CEF93C6A552456BF96E9D0 \
            75E383BB7543C675842BAFBFC7CDB88483B3276C29D4F0A341C2D \
            406E40D4653B7E4D045851ACF6A0A0EA9C710B805CCED4635EE8C \
            107362F0FC8D80C14D0AC49C516703D26D14752F34C1C0D2C4247 \
            581C18C2CF4DE48E9CE949BE7C888E9CAEBE4A415E291FD107D21 \
            DC1F084B1158208249F28F4F7C7E931BA7B3BD0D824A4570"
     }
   }

A.2. Example COSE_Sign0 Message

   This section provides an example of a COSE_Sign0 message.

   {
     "title":"HSS LMS Hash based signature - hsssig-sig-01",
     "input":{
       "plaintext":"This is the content.",
       "sign0":{
         "key":{
           "kty":"HSS-LMS",
           "kid":"ItsBig",
           "comment":"1 level key - LM_SHA256_MD32_H10 + \
                      LMOTS_SHA256_N32_W4 ",
           "public":"000000010000000600000003d08fabd4a2091ff0a \
                     8cb4ed834e7453432a58885cd9ba0431235466bff9651c6 \
                     c92124404d45fa53cf161c28f1ad5a8e",
           "private":"1|6|3|558B8966C48AE9CB898B423C83443AAE01 \
                      4A72F1B1AB5CC85CF1D892903B5439|0|d08fabd4a2091f \
                      f0a8cb4ed834e74534"
         },
         "unprotected":{
           "kid":"ItsBig"
         },
         "protected":{
           "alg":"HSS-LMS"
         },
         "alg":"HSS-LMS"
       },
       "rng_description":"Random value for signature",
       "rng_stream":[
         "1D5112D38A1146402875B73BC8D4B59C845C6AE61D03A70ABAD09 \
          8AC05AD8297"
       ]
     },
     "intermediates":{
       "ToBeSign_hex":"846A5369676E6174757265314AA101674853532D4 \
                       C4D534054546869732069732074686520636F6E74656E742E"
     },
     "output":{
       "cbor_diag":"18([h'A101674853532D4C4D53', \
            {4: h'497473426967'}, \
            h'546869732069732074686520636F6E74656E742E', \
            h'00000000000000000000000391291DE76CE6E24D1E2A9B60266 \
            519BC8CE889F814DEB0FC00EDD3129DE3AB9BA6814A4BEE84E5E8 \
            38C7725F78FE0610837A548F92802DA610AFB0ADFB133123061C0 \
            23E87A7802C17B00740F25737A775B95E923905B6F0CA02A87095 \
            5420A68003133A1EA12083E134238DFE5F1633E159CFD207BC79B \
            50DD39BA39FCAAA75C12F7F1B493AB8736162E42C2C2F9159DF33 \
            32C399A50BB8404F2CB6D98DAA4C3DF82A197CFE014BEC27CC820 \
            A5B26BAC5DFE05947E3A7D92070A4653C67BA095AB0499AF655B8 \
            1B719912E296765FA46CB0AD2ED56BBCF00CA6FB9C16D8C05C1C1 \
            65FED054A099A3DA89F9CB951C6ED366DF38E299C7E7DC9AC9C43 \
            66F328407E7C4A6CD8A5314D6B02B377406D5A5E589E91FEAA9F2 \
            E4EC1682BA1F633C7784B3038FAC2E77947916C8F4160CF6D9D0B \
            0BC6600CDBC4AE947DD5D317DCBA3D200A739F96CDDBA94DAF86C \
            E80C76158D4F5CF3CD2BA9F1393DF47E556887F919E0718625D31 \
            240E7FE9599012F757314C20893827194AD6555F1452E3A749CE2 \
            13DFBA283013DCFF196F9BD18D715B6E7451DE35B18181DF8A626 \
            DE1480F2DDECB126B477E019FFE75E4472EF4FA1B913C80821155 \
            AAE0D7F3B1175B64CA076926166C80E8219D241791C1DE3C8F936 \
            55085C0B00F840970367DAF2A41D462C696C74AF0C3591A6C6B4D \
            701963819FFBDC945785D64CE687BA4D086A31FE6A5E1C74A6C0E \
            25CF67CEA24DCDE0E47B5210670CC2D66003DF2232F4BA337D325 \
            166381681FD4738997BB3EC1499E594B5CCE9FBC11C3136C20F15 \
            6012A4DA062675627758DBF1BE635C876F81713D322EA127F6FFC \
            8880F42BA51879CC0EB27B8A0C21E434DA7C490BFE30BE1FAC3CA \
            A5CF97451FADF412ECA7BAD72E2553541224EB934A9C8A0034E1C \
            59EA2D9EAFD66A72F1C43A07B70CBBC0AD844506E31C4CC84F395 \
            F28915239C8CB733787EE79704B8BA0CC667282984DFBD01BDC34 \
            ADF0E90A309986BE6AD95486E67754543999AEE160A7C6458992F \
            ABC338136D95FBC688E0F4F03D8F942875DF39E8D9EAA6B35FFA6 \
            C9C1097E5BEA8EADA90DAAC52FBE16A830EA49D550ABFFB64C824 \
            4095992BAE73D970AE908CE9413A6EC52F98F593E138F3E6B7BAE \
            A6657E03DF715516DD69342374D222F9A4D4B6579994DD01F4E7E \
            C1C254C2A5EA109519C788FA1504B0273975C3E647820CFE5CDF4 \
            D0D5A6C717C1795EB2BE37030EDEB3196D5866255B1FC10BD03B0 \
            5FBDF59DBD87451877761BDEDD25D468D9409A054B1767BF70C41 \
            61D416B01F472E4D0924FB9EF84A7EF027A4C3F6FDDD0018A827A \
            B66017062F0F0709B271C1CB03557558F882C4FD89569E55E86D9 \
            834105F5E7468BA389305729F7FEB6BF2BE3F92BCA40917CC947A \
            438B43D6A109535EEBFC06BAEE3A01C9E49D95E84ACDA572F47C4 \
            FECC648903154182BBF5222CD4F40622DBB6886A062FE52A59260 \
            EC8B61843622DA827B77BAFB0E0F7AA55E3E869BD7943C780F317 \
            82241FE1D8B55C313A421875EFE40BD3B649087AE3A1A5942A51A \
            7C182EDF686A9842A2F82E51ABE70826D5CA045F984472DB63784 \
            194DC2C523889A95CA8C625B017BCA6CAC5175E87552EACBD8D3F \
            5C281E4D4108F90E395088D50C528809C37788609A5734FFCE402 \
            87270A3A6B04A069DE8277F7F5109C16938347A643713C9AC36FF \
            FC8BF141E899F48BC25C7B636D43BEBCFA7742D4E1462263E5673 \
            2AD2021EEF8CE84023C4959CFD250348B23AE6DB317087F1F593F \
            768825A970E85C15306447892E72C8CF4461E3DF57E696AF1780A \
            DA04F847F8FD3C42A802FC9BA38C696ED74FF8A300D171BBAE888 \
            8B226498CF63EBA035814557E3A552E0B5DA56DD90C1372D82386 \
            0D00CA4F242E8BF1FCA88BA71173DE185E6F1D1EF2BAE53D701D0 \
            3D4BF3B44F0842BED8126494A7FD2C7B1321A5527B78681B1D130 \
            62CE4DAE86C68DAB481551D857934250E6DBF99D37DA15735831C \
            2FA31DD2AB81FBF1F2DE8D890DF29A8CCD730431135E3A0D9C075 \
            860F9843B14BE9408714E96218D3642E5B0126BD8FF941757A512 \
            CDCB4F6336D6FDC357C28E59484EDC9101AE78BBC6CB380E6E051 \
            6ECC48391FE9DA4519DF813CB680497BA65132954F11F857BDFF3 \
            644B7F54F59542BAE97EBC7270DECDD407989CAD427894922EDC1 \
            BD22E5E1991E1B894A92F893268F66327084B09A945732EF82F27 \
            007D5DD0A08403E8E553EA7E20C1E23A567B850F8FE4D00417099 \
            5CE1FCC2284EACB197F001C9B0FF2FB67BC24C5774A935F96761F \
            D52394AEDE47896E5204BD011F2697F9791953C0F265909019A90 \
            804A3A59A4D5A481020861ADC270845EBEE08D8C5C442A0ECBB5C \
            78D65E11A5CD71D520281A73C8EE741B4B1E2807E30BD9A2AD1DF \
            E50FE3875F201926D87F732461E279FB774E97A93363527C13948 \
            DBE1776B7FB8604762C576402481704E4E056D67F00EC4399CED2 \
            B8802C89A78827B12FDC5D8B8A3A1914A80B573D3C4F3C87E91AE \
            3DBB05B685CEC2194604FA3965B0AF4E0D6E929D672E6C2EDC600 \
            1FC2A9AB1CA244FD07847B86A544AAB532DD2E49C2ACB9C42330B \
            44F95AEF50A1E44761E5E25670DA2C7291254C17C298F685B1FB0 \
            22932B07DE031B1E9988131C73BD0B4E748FF2C2FFD45B7DF99EF \
            1FA579F02930D3C3AA3D46F50AF699CF3E5E11E035B693542EBB5 \
            B7D756B001BA792C8B6F4521A4F49DB647A37095A28482548E3C0 \
            E9DFB0C2D504BE2E9B60983660B05E45FF8847BD7392ED1010AA8 \
            5589B36455B864A682B58A87CE0BE617C838BEA0295186178B1EC \
            2CD64044B8FF4A30FFEFAE2A007E7531250E0EBBB76621CBECF25 \
            5E08727BBE61178A3CF25395468F207249A97EF9A631D9CD651FD \
            36ADC2CB00B81663E6C89869E7C2BCB6C149E9CA97B4AC8F656F9 \
            B54A800C81045C77A6DD75040AFB72273F1C1A2B8A0E60E60F5FA \
            9C63AA4DBBCE603BBAF99DE4EB95FED967E444FABD025D40A2D74 \
            AFE0AD427C5E0D5DDFE3267DD04256752FB643D362E8DA17B5E44 \
            81A45176376804FF489DF09FDA863BD4000000067B95DE445ABF8 \
            9161DFF4B91A4A9E3BF156A39A4660F98F06BF3F017686D9DFC36 \
            2C948646B3C9848803E6D9BA1F7D3967F709CDDD35DC77D60356F \
            0C36808900B491CB4ECBBABEC128E7C81A46E62A67B57640A0A78 \
            BE1CBF7DD9D419A10CD8686D16621A80816BFDB5BDC56211D72CA \
            70B81F1117D129529A7570CF79CF52A7028A48538ECDD3B38D3D5 \
            D62D26246595C4FB73A525A5ED2C30524EBB1D8CC82E0C19BC497 \
            7C6898FF95FD3D310B0BAE71696CEF93C6A552456BF96E9D075E3 \
            83BB7543C675842BAFBFC7CDB88483B3276C29D4F0A341C2D406E \
            40D4653B7E4D045851ACF6A0A0EA9C710B805CCED4635EE8C1073 \
            62F0FC8D80C14D0AC49C516703D26D14752F34C1C0D2C4247581C \
            18C2CF4DE48E9CE949BE7C888E9CAEBE4A415E291FD107D21DC1F \
            084B1158208249F28F4F7C7E931BA7B3BD0D824A4570'])",
       "cbor":"D2844AA101674853532D4C4D53A1044649747342696754546 \
            869732069732074686520636F6E74656E742E5909D00000000000 \
            0000000000000391291DE76CE6E24D1E2A9B60266519BC8CE889F \
            814DEB0FC00EDD3129DE3AB9BA6814A4BEE84E5E838C7725F78FE \
            0610837A548F92802DA610AFB0ADFB133123061C023E87A7802C1 \
            7B00740F25737A775B95E923905B6F0CA02A870955420A6800313 \
            3A1EA12083E134238DFE5F1633E159CFD207BC79B50DD39BA39FC \
            AAA75C12F7F1B493AB8736162E42C2C2F9159DF3332C399A50BB8 \
            404F2CB6D98DAA4C3DF82A197CFE014BEC27CC820A5B26BAC5DFE \
            05947E3A7D92070A4653C67BA095AB0499AF655B81B719912E296 \
            765FA46CB0AD2ED56BBCF00CA6FB9C16D8C05C1C165FED054A099 \
            A3DA89F9CB951C6ED366DF38E299C7E7DC9AC9C4366F328407E7C \
            4A6CD8A5314D6B02B377406D5A5E589E91FEAA9F2E4EC1682BA1F \
            633C7784B3038FAC2E77947916C8F4160CF6D9D0B0BC6600CDBC4 \
            AE947DD5D317DCBA3D200A739F96CDDBA94DAF86CE80C76158D4F \
            5CF3CD2BA9F1393DF47E556887F919E0718625D31240E7FE95990 \
            12F757314C20893827194AD6555F1452E3A749CE213DFBA283013 \
            DCFF196F9BD18D715B6E7451DE35B18181DF8A626DE1480F2DDEC \
            B126B477E019FFE75E4472EF4FA1B913C80821155AAE0D7F3B117 \
            5B64CA076926166C80E8219D241791C1DE3C8F93655085C0B00F8 \
            40970367DAF2A41D462C696C74AF0C3591A6C6B4D701963819FFB \
            DC945785D64CE687BA4D086A31FE6A5E1C74A6C0E25CF67CEA24D \
            CDE0E47B5210670CC2D66003DF2232F4BA337D325166381681FD4 \
            738997BB3EC1499E594B5CCE9FBC11C3136C20F156012A4DA0626 \
            75627758DBF1BE635C876F81713D322EA127F6FFC8880F42BA518 \
            79CC0EB27B8A0C21E434DA7C490BFE30BE1FAC3CAA5CF97451FAD \
            F412ECA7BAD72E2553541224EB934A9C8A0034E1C59EA2D9EAFD6 \
            6A72F1C43A07B70CBBC0AD844506E31C4CC84F395F28915239C8C \
            B733787EE79704B8BA0CC667282984DFBD01BDC34ADF0E90A3099 \
            86BE6AD95486E67754543999AEE160A7C6458992FABC338136D95 \
            FBC688E0F4F03D8F942875DF39E8D9EAA6B35FFA6C9C1097E5BEA \
            8EADA90DAAC52FBE16A830EA49D550ABFFB64C8244095992BAE73 \
            D970AE908CE9413A6EC52F98F593E138F3E6B7BAEA6657E03DF71 \
            5516DD69342374D222F9A4D4B6579994DD01F4E7EC1C254C2A5EA \
            109519C788FA1504B0273975C3E647820CFE5CDF4D0D5A6C717C1 \
            795EB2BE37030EDEB3196D5866255B1FC10BD03B05FBDF59DBD87 \
            451877761BDEDD25D468D9409A054B1767BF70C4161D416B01F47 \
            2E4D0924FB9EF84A7EF027A4C3F6FDDD0018A827AB66017062F0F \
            0709B271C1CB03557558F882C4FD89569E55E86D9834105F5E746 \
            8BA389305729F7FEB6BF2BE3F92BCA40917CC947A438B43D6A109 \
            535EEBFC06BAEE3A01C9E49D95E84ACDA572F47C4FECC64890315 \
            4182BBF5222CD4F40622DBB6886A062FE52A59260EC8B61843622 \
            DA827B77BAFB0E0F7AA55E3E869BD7943C780F31782241FE1D8B5 \
            5C313A421875EFE40BD3B649087AE3A1A5942A51A7C182EDF686A \
            9842A2F82E51ABE70826D5CA045F984472DB63784194DC2C52388 \
            9A95CA8C625B017BCA6CAC5175E87552EACBD8D3F5C281E4D4108 \
            F90E395088D50C528809C37788609A5734FFCE40287270A3A6B04 \
            A069DE8277F7F5109C16938347A643713C9AC36FFFC8BF141E899 \
            F48BC25C7B636D43BEBCFA7742D4E1462263E56732AD2021EEF8C \
            E84023C4959CFD250348B23AE6DB317087F1F593F768825A970E8 \
            5C15306447892E72C8CF4461E3DF57E696AF1780ADA04F847F8FD \
            3C42A802FC9BA38C696ED74FF8A300D171BBAE8888B226498CF63 \
            EBA035814557E3A552E0B5DA56DD90C1372D823860D00CA4F242E \
            8BF1FCA88BA71173DE185E6F1D1EF2BAE53D701D03D4BF3B44F08 \
            42BED8126494A7FD2C7B1321A5527B78681B1D13062CE4DAE86C6 \
            8DAB481551D857934250E6DBF99D37DA15735831C2FA31DD2AB81 \
            FBF1F2DE8D890DF29A8CCD730431135E3A0D9C075860F9843B14B \
            E9408714E96218D3642E5B0126BD8FF941757A512CDCB4F6336D6 \
            FDC357C28E59484EDC9101AE78BBC6CB380E6E0516ECC48391FE9 \
            DA4519DF813CB680497BA65132954F11F857BDFF3644B7F54F595 \
            42BAE97EBC7270DECDD407989CAD427894922EDC1BD22E5E1991E \
            1B894A92F893268F66327084B09A945732EF82F27007D5DD0A084 \
            03E8E553EA7E20C1E23A567B850F8FE4D004170995CE1FCC2284E \
            ACB197F001C9B0FF2FB67BC24C5774A935F96761FD52394AEDE47 \
            896E5204BD011F2697F9791953C0F265909019A90804A3A59A4D5 \
            A481020861ADC270845EBEE08D8C5C442A0ECBB5C78D65E11A5CD \
            71D520281A73C8EE741B4B1E2807E30BD9A2AD1DFE50FE3875F20 \
            1926D87F732461E279FB774E97A93363527C13948DBE1776B7FB8 \
            604762C576402481704E4E056D67F00EC4399CED2B8802C89A788 \
            27B12FDC5D8B8A3A1914A80B573D3C4F3C87E91AE3DBB05B685CE \
            C2194604FA3965B0AF4E0D6E929D672E6C2EDC6001FC2A9AB1CA2 \
            44FD07847B86A544AAB532DD2E49C2ACB9C42330B44F95AEF50A1 \
            E44761E5E25670DA2C7291254C17C298F685B1FB022932B07DE03 \
            1B1E9988131C73BD0B4E748FF2C2FFD45B7DF99EF1FA579F02930 \
            D3C3AA3D46F50AF699CF3E5E11E035B693542EBB5B7D756B001BA \
            792C8B6F4521A4F49DB647A37095A28482548E3C0E9DFB0C2D504 \
            BE2E9B60983660B05E45FF8847BD7392ED1010AA85589B36455B8 \
            64A682B58A87CE0BE617C838BEA0295186178B1EC2CD64044B8FF \
            4A30FFEFAE2A007E7531250E0EBBB76621CBECF255E08727BBE61 \
            178A3CF25395468F207249A97EF9A631D9CD651FD36ADC2CB00B8 \
            1663E6C89869E7C2BCB6C149E9CA97B4AC8F656F9B54A800C8104 \
            5C77A6DD75040AFB72273F1C1A2B8A0E60E60F5FA9C63AA4DBBCE \
            603BBAF99DE4EB95FED967E444FABD025D40A2D74AFE0AD427C5E \
            0D5DDFE3267DD04256752FB643D362E8DA17B5E4481A451763768 \
            04FF489DF09FDA863BD4000000067B95DE445ABF89161DFF4B91A \
            4A9E3BF156A39A4660F98F06BF3F017686D9DFC362C948646B3C9 \
            848803E6D9BA1F7D3967F709CDDD35DC77D60356F0C36808900B4 \
            91CB4ECBBABEC128E7C81A46E62A67B57640A0A78BE1CBF7DD9D4 \
            19A10CD8686D16621A80816BFDB5BDC56211D72CA70B81F1117D1 \
            29529A7570CF79CF52A7028A48538ECDD3B38D3D5D62D26246595 \
            C4FB73A525A5ED2C30524EBB1D8CC82E0C19BC4977C6898FF95FD \
            3D310B0BAE71696CEF93C6A552456BF96E9D075E383BB7543C675 \
            842BAFBFC7CDB88483B3276C29D4F0A341C2D406E40D4653B7E4D \
            045851ACF6A0A0EA9C710B805CCED4635EE8C107362F0FC8D80C1 \
            4D0AC49C516703D26D14752F34C1C0D2C4247581C18C2CF4DE48E \
            9CE949BE7C888E9CAEBE4A415E291FD107D21DC1F084B11582082 \
            49F28F4F7C7E931BA7B3BD0D824A4570"
     }
   }

Appendix B. Acknowledgements

   Many thanks to Scott Fluhrer, John Mattsson, Jim Schaad, and Tony
   Putman for their valuable review and insights. In addition, an extra
   special thank you to Jim Schaad for generating the examples in
   Appendix A.
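   The three views of the A.2 vector above (the HSS/LMS key, the
   ToBeSign_hex intermediate, and the tag-18 CBOR output, which RFC 8152
   calls COSE_Sign1) can be tied together mechanically. The Python below
   is an added example, not code from the draft or from the tool that
   generated Appendix A: it rebuilds ToBeSign_hex from the protected
   header and payload with a minimal CBOR encoder, parses the HSS public
   key into its L, LMS type, LMOTS type, I and T fields, and walks the
   leading bytes of the "cbor" output to confirm that the 0x09D0 (2512)
   byte signature length encoded there is exactly the size RFC 8554
   prescribes for a one-level LM_SHA256_M32_H10 / LMOTS_SHA256_N32_W4
   signature, and that the signature's own Nspk-1, q and LMOTS type
   fields agree with the key. The CBOR helpers, function names and the
   truncated COSE_PREFIX_HEX constant are my own constructions; only the
   hex values are copied from the example. Nothing here verifies the
   signature itself; it is a structural consistency check of the kind a
   verifier should perform before handing bytes to an HSS/LMS library.

```python
# Added example (not from the draft): structural cross-checks on the A.2
# HSS/LMS vector. Hex constants are copied from the example; parameter sizes
# come from RFC 8554 and the Sig_structure layout from RFC 8152 section 4.4.
import struct

# --- minimal CBOR, enough for COSE headers and byte/text strings ---
def _head(major, n):
    """Initial byte plus argument for CBOR major type `major`."""
    if n < 24:
        return bytes([(major << 5) | n])
    if n < 0x100:
        return bytes([(major << 5) | 24, n])
    if n < 0x10000:
        return bytes([(major << 5) | 25]) + n.to_bytes(2, "big")
    return bytes([(major << 5) | 26]) + n.to_bytes(4, "big")

def cbor_uint(n): return _head(0, n)
def cbor_bstr(b): return _head(2, len(b)) + b
def cbor_tstr(s): return _head(3, len(s.encode())) + s.encode()
def cbor_array(items): return _head(4, len(items)) + b"".join(items)
def cbor_map(pairs): return _head(5, len(pairs)) + b"".join(k + v for k, v in pairs)

def cbor_head(buf, off):
    """Decode one initial byte and its argument: (major, value, next offset)."""
    ib = buf[off]
    major, ai, off = ib >> 5, ib & 0x1F, off + 1
    if ai < 24:
        return major, ai, off
    size = {24: 1, 25: 2, 26: 4, 27: 8}[ai]
    return major, int.from_bytes(buf[off:off + size], "big"), off + size

# --- values copied from the A.2 example ---
PROTECTED = cbor_map([(cbor_uint(1), cbor_tstr("HSS-LMS"))])   # {1: "HSS-LMS"}
TOBESIGN_HEX = ("846A5369676E6174757265314AA101674853532D4C4D5340"
                "54546869732069732074686520636F6E74656E742E")
HSS_PUBLIC_HEX = ("000000010000000600000003d08fabd4a2091ff0a8cb4ed834e74534"
                  "32a58885cd9ba0431235466bff9651c6c92124404d45fa53cf161c28f1ad5a8e")
# Constructed prefix of the A.2 "cbor" output: envelope, signature byte-string
# header, and the first 12 signature bytes (u32 Nspk-1, u32 q, u32 LMOTS type).
COSE_PREFIX_HEX = ("D2844AA101674853532D4C4D53A10446497473426967"
                   "54546869732069732074686520636F6E74656E742E"
                   "5909D0" "000000000000000000000003")

# RFC 8554 parameter sizes; n = 32 for every SHA-256 parameter set.
N = 32
LMS_HEIGHT = {5: 5, 6: 10, 7: 15, 8: 20, 9: 25}   # LM_SHA256_M32_H5 .. H25
LMOTS_P = {1: 265, 2: 133, 3: 67, 4: 34}         # LMOTS_SHA256_N32_W1 .. W8

def sig_structure_sign1(protected, payload, external_aad=b""):
    """Sig_structure for a tag-18 (COSE_Sign1) message: the bytes HSS/LMS signs."""
    return cbor_array([cbor_tstr("Signature1"), cbor_bstr(protected),
                       cbor_bstr(external_aad), cbor_bstr(payload)])

def parse_hss_public_key(pk):
    """u32 L || LMS public key (u32 lms_type, u32 lmots_type, I[16], T[n])."""
    if len(pk) != 12 + 16 + N:
        raise ValueError("unexpected HSS public key length")
    levels, lms_type, lmots_type = struct.unpack(">III", pk[:12])
    return {"levels": levels, "lms_type": lms_type, "lmots_type": lmots_type,
            "I": pk[12:28], "T": pk[28:]}

def hss_signature_len(levels, lms_type, lmots_type):
    """HSS signature size when every level uses the same parameter set:
    u32 Nspk-1, then L LMS signatures and L-1 signed LMS public keys."""
    lmots_sig = 4 + N + LMOTS_P[lmots_type] * N            # type, C, y[0..p-1]
    lms_sig = 4 + lmots_sig + 4 + LMS_HEIGHT[lms_type] * N  # q, OTS sig, type, path
    return 4 + levels * lms_sig + (levels - 1) * (4 + 4 + 16 + N)

def parse_cose_sign1_prefix(buf):
    """Walk the COSE_Sign1 envelope; return headers, payload and signature facts."""
    tag, arr = cbor_head(buf, 0), None
    arr = cbor_head(buf, tag[2])
    if tag[:2] != (6, 18) or arr[:2] != (4, 4):
        raise ValueError("not a tag-18 COSE_Sign1 four-element array")
    _, n, off = cbor_head(buf, arr[2])
    protected, off = buf[off:off + n], off + n
    _, npairs, off = cbor_head(buf, off)
    unprotected = {}
    for _ in range(npairs):
        _, key, off = cbor_head(buf, off)
        _, n, off = cbor_head(buf, off)
        unprotected[key], off = buf[off:off + n], off + n
    _, n, off = cbor_head(buf, off)
    payload, off = buf[off:off + n], off + n
    _, sig_len, off = cbor_head(buf, off)
    nspk_minus_1, q, lmots_type = struct.unpack(">III", buf[off:off + 12])
    return {"protected": protected, "unprotected": unprotected, "payload": payload,
            "signature_len": sig_len, "levels": nspk_minus_1 + 1, "q": q,
            "lmots_type": lmots_type}

def check_example():
    """Tie the public key, the CBOR envelope and the ToBeSign intermediate together."""
    key = parse_hss_public_key(bytes.fromhex(HSS_PUBLIC_HEX))
    env = parse_cose_sign1_prefix(bytes.fromhex(COSE_PREFIX_HEX))
    expected_len = hss_signature_len(key["levels"], key["lms_type"], key["lmots_type"])
    return {
        "tobesign_matches": sig_structure_sign1(env["protected"], env["payload"])
        == bytes.fromhex(TOBESIGN_HEX),
        "protected_is_alg_hss_lms": env["protected"] == PROTECTED,
        "kid": env["unprotected"].get(4),
        "sig_len_matches_params": env["signature_len"] == expected_len,
        "levels_match": env["levels"] == key["levels"],
        "lmots_type_matches": env["lmots_type"] == key["lmots_type"],
        "q": env["q"],
    }
```

   Calling check_example() returns a dict in which every "*_matches"
   entry is True for the A.2 vector, "kid" is b"ItsBig", and "q" is 0,
   matching the leaf index recorded in the example's private-key string.
   The length check is the useful defensive step: a COSE signature whose
   byte-string length does not equal hss_signature_len() for the
   parameters announced in the public key is malformed and should be
   rejected before any hash computation starts.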
Author's Address

   Russ Housley
   Vigil Security, LLC
   516 Dranesville Road
   Herndon, VA 20170
   US

   Email: housley@vigilsec.com