idnits 2.17.1 draft-ietf-cose-hash-sig-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (October 28, 2019) is 1641 days in the past.  Is this
     intentional?

  -- Found something which looks like a code comment -- if you have code
     sections in the document, please surround them with '<CODE BEGINS>' and
     '<CODE ENDS>' lines.

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Looks like a reference, but probably isn't: '0' on line 293

  -- Looks like a reference, but probably isn't: '1' on line 245

  == Missing Reference: 'Nspk-2' is mentioned on line 181, but not defined

  == Missing Reference: 'Nspk-1' is mentioned on line 182, but not defined

  ** Downref: Normative reference to an Informational RFC: RFC 8554
     (ref. 'HASHSIG')

  ** Obsolete normative reference: RFC 8152 (Obsoleted by RFC 9052, RFC 9053)

  -- Possible downref: Non-RFC (?) normative reference: ref. 'SHS'

     Summary: 2 errors (**), 0 flaws (~~), 3 warnings (==), 5 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
--------------------------------------------------------------------------------

Network Working Group                                          R. Housley
Internet-Draft                                            Vigil Security
Intended status: Standards Track                        October 28, 2019
Expires: April 30, 2020


     Use of the HSS/LMS Hash-based Signature Algorithm with CBOR Object
                       Signing and Encryption (COSE)
                        draft-ietf-cose-hash-sig-05

Abstract

   This document specifies the conventions for using the Hierarchical
   Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based
   signature algorithm with the CBOR Object Signing and Encryption
   (COSE) syntax.  The HSS/LMS algorithm is one form of hash-based
   digital signature; it is described in RFC 8554.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 30, 2020.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must include Simplified
   BSD License text as described in Section 4.e of the Trust Legal
   Provisions and are provided without warranty as described in the
   Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Motivation
     1.2.  Terminology
   2.  LMS Digital Signature Algorithm Overview
     2.1.  Hierarchical Signature System (HSS)
     2.2.  Leighton-Micali Signature (LMS)
     2.3.  Leighton-Micali One-time Signature Algorithm (LM-OTS)
   3.  Hash-based Signature Algorithm Identifiers
   4.  Security Considerations
     4.1.  Implementation Security Considerations
   5.  Operational Considerations
   6.  IANA Considerations
     6.1.  COSE Algorithms Registry Entry
     6.2.  COSE Key Types Registry Entry
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Appendix A.  Examples
     A.1.  Example COSE Full Message Signature
     A.2.  Example COSE_Sign0 Message
   Appendix B.  Acknowledgements
   Author's Address

1.  Introduction

   This document specifies the conventions for using the Hierarchical
   Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based
   signature algorithm with the CBOR Object Signing and Encryption
   (COSE) [RFC8152] syntax.  The LMS system provides a one-time digital
   signature that is a variant of Merkle Tree Signatures (MTS).  The HSS
   is built on top of the LMS system to efficiently scale for a larger
   number of signatures.  The HSS/LMS algorithm is one form of
   hash-based digital signature, and it is described in [HASHSIG].  The
   HSS/LMS signature algorithm can only be used for a fixed number of
   signing operations.  The number of signing operations depends upon
   the size of the tree.  The HSS/LMS signature algorithm uses small
   public keys, and it has low computational cost; however, the
   signatures are quite large.  The HSS/LMS private key can be very
   small when the signer is willing to perform additional computation at
   signing time; alternatively, the private key can consume additional
   memory and provide a faster signing time.  The HSS/LMS signatures
   [HASHSIG] are currently defined to use exclusively SHA-256 [SHS].

1.1.  Motivation

   Recent advances in cryptanalysis [BH2013] and progress in the
   development of quantum computers [NAS2019] pose a threat to widely
   deployed digital signature algorithms.  As a result, there is a need
   to prepare for the day when cryptosystems such as RSA and DSA, which
   depend on discrete logarithm and factoring, can no longer be relied
   upon.

   If large-scale quantum computers are ever built, these computers will
   be able to break many of the public-key cryptosystems currently in
   use.  A post-quantum cryptosystem [PQC] is a system that is secure
   against quantum computers that have more than a trivial number of
   quantum bits (qubits).
   It is open to conjecture when it will be feasible to build such
   computers; however, RSA, DSA, ECDSA, and EdDSA are all vulnerable if
   large-scale quantum computers come to pass.

   Since the HSS/LMS signature algorithm does not depend on the
   difficulty of discrete logarithm or factoring, the HSS/LMS signature
   algorithm is considered to be post-quantum secure.  The use of
   HSS/LMS hash-based signatures to protect software update
   distribution, perhaps using the format that is being specified by the
   IETF SUIT Working Group, will allow the deployment of software that
   implements new cryptosystems.

1.2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  LMS Digital Signature Algorithm Overview

   This specification makes use of the hash-based signature algorithm
   specified in [HASHSIG], which is the Leighton and Micali adaptation
   [LM] of the original Lamport-Diffie-Winternitz-Merkle one-time
   signature system [M1979][M1987][M1989a][M1989b].

   The hash-based signature algorithm has three major components:

   o  Hierarchical Signature System (HSS) -- see Section 2.1;

   o  Leighton-Micali Signature (LMS) -- see Section 2.2; and

   o  Leighton-Micali One-time Signature Algorithm (LM-OTS) -- see
      Section 2.3.

   As implied by the name, the hash-based signature algorithm depends on
   a collision-resistant hash function.  The hash-based signature
   algorithm specified in [HASHSIG] currently makes use of the SHA-256
   one-way hash function [SHS], but it also establishes an IANA registry
   to permit the registration of additional one-way hash functions in
   the future.

2.1.  Hierarchical Signature System (HSS)

   The hash-based signature algorithm specified in [HASHSIG] uses a
   hierarchy of trees.  The Hierarchical N-time Signature System (HSS)
   allows subordinate trees to be generated when needed by the signer.
   Otherwise, generation of the entire tree might take weeks or longer.

   An HSS signature as specified in [HASHSIG] carries the number of
   signed public keys (Nspk), followed by that number of signed public
   keys, followed by the LMS signature as described in Section 2.2.  The
   public key for the top-most LMS tree is the public key of the HSS
   system.  The LMS private key in the parent tree signs the LMS public
   key in the child tree, and the LMS private key in the bottom-most
   tree signs the actual message.  The signature over the public key and
   the signature over the actual message are LMS signatures as described
   in Section 2.2.

   The elements of the HSS signature value for a stand-alone tree (a top
   tree with no children) can be summarized as:

      u32str(0) ||
      lms_signature  /* signature of message */

   The elements of the HSS signature value for a tree with Nspk signed
   public keys can be summarized as:

      u32str(Nspk) ||
      signed_public_key[0] ||
      signed_public_key[1] ||
         ...
      signed_public_key[Nspk-2] ||
      signed_public_key[Nspk-1] ||
      lms_signature  /* signature of message */

   where, as defined in Section 3.3 of [HASHSIG], a signed_public_key is
   the lms_signature over the public key followed by the public key
   itself.  Note that Nspk is the number of levels in the hierarchy of
   trees minus 1.

2.2.  Leighton-Micali Signature (LMS)

   Each tree in the hash-based signature algorithm specified in
   [HASHSIG] uses the Leighton-Micali Signature (LMS) system.  LMS
   systems have two parameters.  The first parameter is the height of
   the tree, h, which is the number of levels in the tree minus one.
   [HASHSIG] includes support for five values of this parameter: h=5;
   h=10; h=15; h=20; and h=25.  Note that there are 2^h leaves in the
   tree.  The second parameter is the number of bytes output by the hash
   function, m, which is the amount of data associated with each node in
   the tree.  This specification supports only SHA-256, with m=32.  An
   IANA registry is defined so that other hash functions could be used
   in the future.

   The [HASHSIG] specification supports five tree sizes:

      LMS_SHA256_M32_H5;
      LMS_SHA256_M32_H10;
      LMS_SHA256_M32_H15;
      LMS_SHA256_M32_H20; and
      LMS_SHA256_M32_H25.

   The [HASHSIG] specification establishes an IANA registry to permit
   the registration of additional hash functions and additional tree
   sizes in the future.

   The [HASHSIG] specification defines the value I as the private key
   identifier, and the same I value is used for all computations with
   the same LMS tree.  In addition, the [HASHSIG] specification defines
   the value T[i] as the m-byte string associated with the ith node in
   the LMS tree, where the nodes are indexed from 1 to 2^(h+1)-1.  Thus,
   T[1] is the m-byte string associated with the root of the LMS tree.

   The LMS public key can be summarized as:

      u32str(lms_algorithm_type) || u32str(otstype) || I || T[1]

   As specified in [HASHSIG], the LMS signature consists of four
   elements: the number of the leaf associated with the LM-OTS
   signature, an LM-OTS signature as described in Section 2.3, a
   typecode indicating the particular LMS algorithm, and an array of
   values that is associated with the path through the tree from the
   leaf associated with the LM-OTS signature to the root.  The array of
   values contains the siblings of the nodes on the path from the leaf
   to the root but does not contain the nodes on the path itself.  The
   array for a tree with height h will have h values.
   The first value is the sibling of the leaf, the next value is the
   sibling of the parent of the leaf, and so on up the path to the root.

   The four elements of the LMS signature value can be summarized as:

      u32str(q) ||
      ots_signature ||
      u32str(type) ||
      path[0] || path[1] || ... || path[h-1]

2.3.  Leighton-Micali One-time Signature Algorithm (LM-OTS)

   The hash-based signature algorithm depends on a one-time signature
   method.  This specification makes use of the Leighton-Micali One-time
   Signature Algorithm (LM-OTS) [HASHSIG].  An LM-OTS has five
   parameters:

   n  - The number of bytes output by the hash function.  This
        specification supports only SHA-256 [SHS], with n=32.

   H  - A preimage-resistant hash function that accepts byte strings
        of any length, and returns an n-byte string.  This
        specification supports only SHA-256 [SHS].

   w  - The width in bits of the Winternitz coefficients.  [HASHSIG]
        supports four values for this parameter: w=1; w=2; w=4; and
        w=8.

   p  - The number of n-byte string elements that make up the LM-OTS
        signature.

   ls - The number of left-shift bits used in the checksum function,
        which is defined in Section 4.5 of [HASHSIG].

   The values of p and ls are dependent on the choices of the parameters
   n and w, as described in Appendix B of [HASHSIG].

   The [HASHSIG] specification supports four LM-OTS variants:

      LMOTS_SHA256_N32_W1;
      LMOTS_SHA256_N32_W2;
      LMOTS_SHA256_N32_W4; and
      LMOTS_SHA256_N32_W8.

   The [HASHSIG] specification establishes an IANA registry to permit
   the registration of additional hash functions and additional
   parameter sets in the future.

   Signing involves the generation of C, which is an n-byte random
   value.
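   The HSS, LMS and LM-OTS layouts summarized in Sections 2.1 to 2.3
   can be walked using nothing but the Nspk counter and the two type
   codes, which is what Section 3 means when it says the byte string is
   designed for easy parsing.  The following added example (Python code
   written for this page, not code from the draft, RFC 8554 or the
   cose-wg example programs) does that for the SHA-256 parameter sets,
   rejects leaf indices and trailing bytes a verifier must refuse, and
   also parses the HSS public key carried in Appendix A.1; the size
   tables come from RFC 8554, and the zero-filled fixture is a
   constructed parsing input, not a real signature.

```python
"""Walk an HSS signature using only the Nspk counter and the LMS / LM-OTS
type codes it carries (RFC 8554 layout, SHA-256 parameter sets, n = m = 32).
Added example; not code from the draft, RFC 8554 or the cose-wg programs."""
import struct

HASH_LEN = 32
I_LEN = 16
# LMS typecode -> tree height h (RFC 8554, Section 5.1)
LMS_TYPES = {0x05: 5, 0x06: 10, 0x07: 15, 0x08: 20, 0x09: 25}
# LM-OTS typecode -> p, the number of n-byte y[] elements (RFC 8554, Section 4.1)
LMOTS_TYPES = {0x01: 265, 0x02: 133, 0x03: 67, 0x04: 34}


class SignatureFormatError(ValueError):
    """The byte string does not match the layout its own type codes announce."""


def _u32(buf, off):
    if off + 4 > len(buf):
        raise SignatureFormatError("truncated u32 at offset %d" % off)
    return struct.unpack(">I", buf[off:off + 4])[0], off + 4

def _take(buf, off, length, what):
    if off + length > len(buf):
        raise SignatureFormatError("truncated %s at offset %d" % (what, off))
    return buf[off:off + length], off + length

def _chunks(blob):
    return [blob[i:i + HASH_LEN] for i in range(0, len(blob), HASH_LEN)]

def parse_lmots_signature(buf, off):
    """u32str(otstype) || C || y[0] || ... || y[p-1]"""
    otstype, off = _u32(buf, off)
    if otstype not in LMOTS_TYPES:
        raise SignatureFormatError("unknown LM-OTS type 0x%08x" % otstype)
    c, off = _take(buf, off, HASH_LEN, "C")
    y, off = _take(buf, off, LMOTS_TYPES[otstype] * HASH_LEN, "y[]")
    return {"otstype": otstype, "C": c, "y": _chunks(y)}, off

def parse_lms_signature(buf, off):
    """u32str(q) || ots_signature || u32str(type) || path[0] || ... || path[h-1]"""
    q, off = _u32(buf, off)
    ots, off = parse_lmots_signature(buf, off)
    lms_type, off = _u32(buf, off)
    if lms_type not in LMS_TYPES:
        raise SignatureFormatError("unknown LMS type 0x%08x" % lms_type)
    h = LMS_TYPES[lms_type]
    if q >= (1 << h):  # the leaf number must address one of the 2^h leaves
        raise SignatureFormatError("leaf index q=%d is not below 2^%d" % (q, h))
    path, off = _take(buf, off, h * HASH_LEN, "path[]")
    return {"q": q, "ots": ots, "lms_type": lms_type, "h": h,
            "path": _chunks(path)}, off

def parse_lms_public_key(buf, off):
    """u32str(lms_algorithm_type) || u32str(otstype) || I || T[1]"""
    lms_type, off = _u32(buf, off)
    otstype, off = _u32(buf, off)
    if lms_type not in LMS_TYPES or otstype not in LMOTS_TYPES:
        raise SignatureFormatError("unknown type code in LMS public key")
    ident, off = _take(buf, off, I_LEN, "I")
    root, off = _take(buf, off, HASH_LEN, "T[1]")
    return {"lms_type": lms_type, "otstype": otstype, "I": ident, "T1": root}, off

def parse_hss_public_key(pub):
    """u32str(L) || LMS public key of the top tree (RFC 8554, Section 6.1)."""
    levels, off = _u32(pub, 0)
    top, off = parse_lms_public_key(pub, off)
    if off != len(pub):
        raise SignatureFormatError("%d trailing bytes" % (len(pub) - off))
    return {"levels": levels, "top": top}

def parse_hss_signature(sig):
    """u32str(Nspk) || signed_public_key[0..Nspk-1] || lms_signature"""
    nspk, off = _u32(sig, 0)
    if nspk > 7:  # RFC 8554 allows at most 8 levels, so Nspk = L - 1 <= 7
        raise SignatureFormatError("Nspk=%d exceeds the HSS level limit" % nspk)
    signed_keys = []
    for _ in range(nspk):  # signed_public_key = lms_signature || lms_public_key
        lms_sig, off = parse_lms_signature(sig, off)
        pub, off = parse_lms_public_key(sig, off)
        signed_keys.append({"signature": lms_sig, "public_key": pub})
    msg_sig, off = parse_lms_signature(sig, off)
    if off != len(sig):  # the layout is fully determined, so refuse extra bytes
        raise SignatureFormatError("%d trailing bytes" % (len(sig) - off))
    return {"nspk": nspk, "signed_public_keys": signed_keys,
            "message_signature": msg_sig}

def build_fixture(nspk, q, lms_type, otstype):
    """Constructed parsing fixture: correct layout, zero-filled hash fields.
    Not a valid signature; it only exercises the length arithmetic."""
    h, p = LMS_TYPES[lms_type], LMOTS_TYPES[otstype]
    lms_sig = (struct.pack(">II", q, otstype) + bytes((1 + p) * HASH_LEN)
               + struct.pack(">I", lms_type) + bytes(h * HASH_LEN))
    pub = struct.pack(">II", lms_type, otstype) + bytes(I_LEN + HASH_LEN)
    return struct.pack(">I", nspk) + (lms_sig + pub) * nspk + lms_sig

# HSS public key from Appendix A.1: L=1, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W4.
APPENDIX_A1_PUBLIC = bytes.fromhex(
    "000000010000000600000003d08fabd4a2091ff0a8cb4ed834e74534"
    "32a58885cd9ba0431235466bff9651c6c92124404d45fa53cf161c28f1ad5a8e")
```

   For the single-level H10/W4 key of Appendix A.1 the parser expects
   exactly 2512 signature bytes, which is the byte-string length the
   appendix's CBOR encoding carries.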
   The LM-OTS signature value can be summarized as the identifier of the
   LM-OTS variant, the random value, and a sequence of hash values (y[0]
   through y[p-1]) that correspond to the elements of the public key as
   described in Section 4.5 of [HASHSIG]:

      u32str(otstype) || C || y[0] || ... || y[p-1]

3.  Hash-based Signature Algorithm Identifiers

   The CBOR Object Signing and Encryption (COSE) [RFC8152] supports two
   signature algorithm schemes.  This specification makes use of the
   signature with appendix scheme for hash-based signatures.

   The signature value is a large byte string as described in Section 2.
   The byte string is designed for easy parsing.  The HSS, LMS, and
   LMOTS components of the signature value format include counters and
   type codes that indirectly provide all of the information that is
   needed to parse the byte string during signature validation.

   When using a COSE key for this algorithm, the following checks are
   made:

   o  The 'kty' field MUST be present, and it MUST be 'HSS-LMS'.

   o  If the 'alg' field is present, it MUST be 'HSS-LMS'.

   o  If the 'key_ops' field is present, it MUST include 'sign' when
      creating a hash-based signature.

   o  If the 'key_ops' field is present, it MUST include 'verify' when
      verifying a hash-based signature.

   o  If the 'kid' field is present, it MAY be used to identify the top
      of the HSS tree.  In [HASHSIG], this identifier is called 'I', and
      it is the 16-byte identifier of the LMS public key for the tree.

4.  Security Considerations

4.1.  Implementation Security Considerations

   Implementations MUST protect the private keys.  Compromise of the
   private keys may result in the ability to forge signatures.  Along
   with the private key, the implementation MUST keep track of which
   leaf nodes in the tree have been used.  Loss of integrity of this
   tracking data can cause a one-time key to be used more than once.
   As a result, when a private key and the tracking data are stored on
   non-volatile media or stored in a virtual machine environment, failed
   writes, virtual machine snapshotting or cloning, and other
   operational concerns must be considered to ensure confidentiality and
   integrity.

   When generating an LMS key pair, an implementation MUST generate each
   key pair independently of all other key pairs in the HSS tree.

   An implementation MUST ensure that an LM-OTS private key is used to
   generate a signature only one time, and ensure that it cannot be used
   for any other purpose.

   The generation of private keys relies on random numbers.  The use of
   inadequate pseudo-random number generators (PRNGs) to generate these
   values can result in little or no security.  An attacker may find it
   much easier to reproduce the PRNG environment that produced the keys,
   searching the resulting small set of possibilities, rather than brute
   force searching the whole key space.  The generation of quality
   random numbers is difficult, and [RFC4086] offers important guidance
   in this area.

   The generation of hash-based signatures also depends on random
   numbers.  While the consequences of using an inadequate pseudo-random
   number generator (PRNG) to generate these values are much less severe
   than in the generation of private keys, the guidance in [RFC4086]
   remains important.

5.  Operational Considerations

   The public key for the hash-based signature is the key at the root of
   the Hierarchical Signature System (HSS).  In the absence of a public
   key infrastructure [RFC5280], this public key is a trust anchor, and
   the number of signatures that can be generated is bounded by the size
   of the overall HSS set of trees.  When all of the LM-OTS signatures
   have been used to produce a signature, then the establishment of a
   new trust anchor is required.
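   As an added example, not part of the draft or of RFC 8554, the
   following Python code shows one way to implement the leaf-usage
   tracking that Section 4.1 requires: the counter of the next unused
   LM-OTS leaf is written to a temporary file, fsync'ed and atomically
   renamed into place before any leaf index is released to the signer,
   so a failed write or a crash can only waste leaves, never reuse one.
   The state file name, its JSON layout, and the batch-reservation
   helper are this example's own choices.

```python
"""Reserve-before-sign bookkeeping for the LM-OTS leaves of one LMS tree.
Added example; the state file layout is this example's own, not RFC 8554's."""
import json
import os
import tempfile


class KeyExhausted(Exception):
    """Every leaf of the tree has been reserved; a new key pair is required."""

class StateCorrupt(Exception):
    """The persisted counter is unreadable, malformed or out of range."""


class LeafTracker:
    def __init__(self, state_path, height):
        self.state_path = state_path
        self.capacity = 1 << height            # an LMS tree has 2^h leaves
        self.next_leaf = self._load()

    def _load(self):
        if not os.path.exists(self.state_path):
            return 0                           # fresh key pair: no leaf used
        try:
            with open(self.state_path, "r") as f:
                q = json.load(f)["next_leaf"]
        except (OSError, ValueError, KeyError, TypeError) as exc:
            raise StateCorrupt("cannot read leaf state: %s" % exc)
        if not isinstance(q, int) or q < 0 or q > self.capacity:
            raise StateCorrupt("next_leaf=%r outside [0, %d]" % (q, self.capacity))
        return q

    def _persist(self, q):
        # Write to a temp file in the same directory, force it to disk, then
        # rename over the old state: readers see the old or the new counter,
        # never a torn or partially written file.
        directory = os.path.dirname(os.path.abspath(self.state_path))
        fd, tmp = tempfile.mkstemp(dir=directory, prefix=".leafstate-")
        try:
            with os.fdopen(fd, "w") as f:
                json.dump({"next_leaf": q}, f)
                f.flush()
                os.fsync(f.fileno())
            os.replace(tmp, self.state_path)
        except BaseException:
            try:
                os.unlink(tmp)
            except OSError:
                pass
            raise

    def reserve(self, count=1):
        """Return `count` leaf indices, each usable for exactly one signature.
        The advanced counter reaches disk before the indices are returned;
        indices reserved but never used are sacrificed (Section 5)."""
        if count < 1:
            raise ValueError("count must be positive")
        start = self.next_leaf
        if start + count > self.capacity:
            raise KeyExhausted("%d leaves requested, %d left"
                               % (count, self.capacity - start))
        self._persist(start + count)
        self.next_leaf = start + count
        return list(range(start, start + count))

    def remaining(self):
        return self.capacity - self.next_leaf


def simulate_restart(height=5, state_dir=None):
    """Reserve a batch of four leaves, use only two, then reopen the state as
    a restarted signer would.  Returns what each step saw so the invariant
    can be checked: no leaf index is ever handed out twice."""
    state_dir = state_dir or tempfile.mkdtemp(prefix="hss-leaf-demo-")
    path = os.path.join(state_dir, "lms-tree.state")
    first = LeafTracker(path, height)
    batch = first.reserve(4)                   # leaves 0..3 reserved up front
    used = batch[:2]                           # "crash" after two signatures
    second = LeafTracker(path, height)         # restart reads the persisted counter
    after = second.reserve()                   # resumes at 4; leaves 2 and 3 are lost
    return {"batch": batch, "used": used, "after_restart": after,
            "remaining": second.remaining()}


def exhaust(height=2, state_dir=None):
    """Reserve one leaf at a time until the tree is used up; returns the count."""
    state_dir = state_dir or tempfile.mkdtemp(prefix="hss-leaf-demo-")
    tracker = LeafTracker(os.path.join(state_dir, "small-tree.state"), height)
    issued = 0
    try:
        while True:
            tracker.reserve()
            issued += 1
    except KeyExhausted:
        return issued
```

   A real signer would additionally bind the state file to the key
   identifier I and refuse to sign when the file is missing for a key
   that has already been used.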
   To ensure that none of the tree nodes are used to generate more than
   one signature, the signer maintains state across different
   invocations of the signing algorithm.  Section 12.2 of [HASHSIG]
   offers some practical implementation approaches around this
   statefulness.  In some of these approaches, nodes are sacrificed to
   ensure that none are used more than once.  As a result, the total
   number of signatures that can be generated might be less than the
   overall HSS set of trees.

6.  IANA Considerations

   IANA is requested to add entries for hash-based signatures in the
   "COSE Algorithms" registry and hash-based public keys in the "COSE
   Key Types" registry.

6.1.  COSE Algorithms Registry Entry

   The new entry in the "COSE Algorithms" registry has the following
   columns:

      Name: HSS-LMS

      Value: TBD (Value between -256 and 255 to be assigned by IANA)

      Description: HSS/LMS hash-based digital signature

      Reference: This document (Number to be assigned by RFC Editor)

      Recommended: Yes

6.2.  COSE Key Types Registry Entry

   The new entry in the "COSE Key Types" registry has the following
   columns:

      Name: HSS-LMS

      Value: TBD (Value to be assigned by IANA)

      Description: Public key for HSS/LMS hash-based digital signature

      Reference: This document (Number to be assigned by RFC Editor)

7.  References

7.1.  Normative References

   [HASHSIG]  McGrew, D., Curcio, M., and S. Fluhrer, "Leighton-Micali
              Hash-Based Signatures", RFC 8554, April 2019.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC8152]  Schaad, J., "CBOR Object Signing and Encryption (COSE)",
              RFC 8152, DOI 10.17487/RFC8152, July 2017.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.
   [SHS]      National Institute of Standards and Technology (NIST),
              "Secure Hash Standard", FIPS Publication 180-3, 2008.

7.2.  Informative References

   [BH2013]   Ptacek, T., Ritter, T., Samuel, J., and A. Stamos, "The
              Factoring Dead: Preparing for the Cryptopocalypse", August
              2013.

   [LM]       Leighton, F. and S. Micali, "Large provably fast and
              secure digital signature schemes from secure hash
              functions", U.S. Patent 5,432,852, July 1995.

   [M1979]    Merkle, R., "Secrecy, Authentication, and Public Key
              Systems", Stanford University Information Systems
              Laboratory Technical Report 1979-1, 1979.

   [M1987]    Merkle, R., "A Digital Signature Based on a Conventional
              Encryption Function", Lecture Notes in Computer Science
              crypto87, 1988.

   [M1989a]   Merkle, R., "A Certified Digital Signature", Lecture Notes
              in Computer Science crypto89, 1990.

   [M1989b]   Merkle, R., "One Way Hash Functions and DES", Lecture
              Notes in Computer Science crypto89, 1990.

   [NAS2019]  National Academies of Sciences, Engineering, and Medicine,
              "Quantum Computing: Progress and Prospects", 2019.

   [PQC]      Bernstein, D., "Introduction to post-quantum
              cryptography", 2009.

   [RFC4086]  Eastlake 3rd, D., Schiller, J., and S. Crocker,
              "Randomness Requirements for Security", BCP 106, RFC 4086,
              DOI 10.17487/RFC4086, June 2005.

   [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
              Housley, R., and W. Polk, "Internet X.509 Public Key
              Infrastructure Certificate and Certificate Revocation List
              (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008.

Appendix A.  Examples

   This appendix provides a non-normative example of a COSE full message
   signature and an example of a COSE_Sign0 message.  The display format
   includes "\" to indicate that the same field continues on the next
   line, and it includes "|" to separate items within a field.
   The programs that were used to generate the examples can be found at
   https://github.com/cose-wg/Examples.

A.1.  Example COSE Full Message Signature

   This section provides an example of a COSE full message signature.

   {
     "title":"HSS LMS Hash based signature - hsssig-01",
     "input":{
       "plaintext":"This is the content.",
       "sign":{
         "protected":{
           "ctyp":0
         },
         "signers":[
           {
             "key":{
               "kty":"HSS-LMS",
               "kid":"ItsBig",
               "comment":"1 level key - LM_SHA256_MD32_H10 + \
                          LMOTS_SHA256_N32_W4 ",
               "public":"000000010000000600000003d08fabd4a20 \
                         91ff0a8cb4ed834e7453432a58885cd9ba0431235 \
                         466bff9651c6c92124404d45fa53cf161c28f1ad5a8e",
               "private":"1|6|3|558B8966C48AE9CB898B423C8344 \
                          3AAE014A72F1B1AB5CC85CF1D892903B5439|1|d0 \
                          8fabd4a2091ff0a8cb4ed834e74534"
             },
             "unprotected":{
               "kid":"ItsBig"
             },
             "protected":{
               "alg":"HSS-LMS"
             }
           }
         ]
       },
       "rng_description":"Random value for signature",
       "rng_stream":[
         "ACFC5C7377D45C969DF7D7289882A48C1A10E5C48B6E29DF5018D \
          3E683E36BC5"
       ]
     },
     "intermediates":{
       "signers":[
         {
           "ToBeSign_hex":"85695369676E617475726543A103004AA10 \
                           1674853532D4C4D53405454686973206973207468652063 \
                           6F6E74656E742E"
         }
       ]
     },
     "output":{
       "cbor_diag":"98([h'A10300', {}, h'54686973206973207468652 \
                    0636F6E74656E742E', [[h'A101674853532D4C4D53', \
                    {4: h'497473426967'}, h'...']]])",
       "cbor":"..."
A1806E201ED2D040509FD7FA67C9CE6068EC54B56D53BF47E67B5 \
B8B6382A0CB69A61D7FBC2DDEDA171D4F7014262FC77F454A3E68 \
E6EFB7C31C4080024C8027FD8D6CE648B782B56B762BEE5ADA237 \
D018689B58902CBAC4E44C931416B47CD5E20026D5B81B407A0E2 \
9CAAEC81F1C3528463132F00589A9F8021A74109F8DBF81FE282C \
1F58BF3F2A52C560E38BFD68B2D28679CBC089F2C9C3FC245FF5F \
A3ADA7F7973D9BD4BEC69B1F0C71416A6C4F00000006ED1CE8C6E \
437918D43FBA7BD9385694C41182703F6B7F704DEEDD9384BA6F8 \
BC362C948646B3C9848803E6D9BA1F7D3967F709CDDD35DC77D60 \
356F0C36808900B491CB4ECBBABEC128E7C81A46E62A67B57640A \
0A78BE1CBF7DD9D419A10CD8686D16621A80816BFDB5BDC56211D \
72CA70B81F1117D129529A7570CF79CF52A7028A48538ECDD3B38 \
D3D5D62D26246595C4FB73A525A5ED2C30524EBB1D8CC82E0C19B \
C4977C6898FF95FD3D310B0BAE71696CEF93C6A552456BF96E9D0 \
75E383BB7543C675842BAFBFC7CDB88483B3276C29D4F0A341C2D \
406E40D4653B7E4D045851ACF6A0A0EA9C710B805CCED4635EE8C \
107362F0FC8D80C14D0AC49C516703D26D14752F34C1C0D2C4247 \
581C18C2CF4DE48E9CE949BE7C888E9CAEBE4A415E291FD107D21 \
DC1F084B1158208249F28F4F7C7E931BA7B3BD0D824A4570"
  }
}

A.2. Example COSE_Sign0 Message

This section provides an example of a COSE_Sign0 message.
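The vector that follows can be cross-checked against the byte layouts in RFC 8152 and RFC 8554. The Python below is an added example, not code from this draft or from the tool that generated the vectors; the hex constants are copied from the vector, while the function names and the parameter tables keyed by RFC 8554 typecode are the example's own. It rebuilds the Sig_structure for a single-signer message (the CBOR tag 18 in the output is COSE_Sign1 in RFC 8152) and compares it with ToBeSign_hex, splits the HSS public key into its fields, and derives the signature length that the key's parameter set implies, which has to equal the length announced by the CBOR byte-string header ("5909D0") in front of the signature in the "cbor" output:

```python
"""Structural checks on the A.2 test vector (added example, not draft code)."""
import struct

# Constants copied from the vector (hsssig-sig-01, key "ItsBig").
PROTECTED_HEX = "A101674853532D4C4D53"            # serialized {1: "HSS-LMS"}
PAYLOAD = b"This is the content."
PUBLIC_KEY_HEX = ("000000010000000600000003d08fabd4a2091ff0a"
                  "8cb4ed834e7453432a58885cd9ba0431235466bff9651c6"
                  "c92124404d45fa53cf161c28f1ad5a8e")
TOBESIGN_HEX = ("846A5369676E6174757265314AA101674853532D4"
                "C4D534054546869732069732074686520636F6E74656E742E")
SIG_PREFIX_HEX = "000000000000000000000003"   # first 12 bytes of the signature
SIG_BSTR_HEADER_HEX = "5909D0"                # CBOR header before it in "cbor"

# RFC 8554 parameter sets: typecode -> (name, h) and typecode -> (name, p).
# All of them use SHA-256 with n = m = 32.
LMS_TYPES = {5: ("LMS_SHA256_M32_H5", 5), 6: ("LMS_SHA256_M32_H10", 10),
             7: ("LMS_SHA256_M32_H15", 15), 8: ("LMS_SHA256_M32_H20", 20),
             9: ("LMS_SHA256_M32_H25", 25)}
LMOTS_TYPES = {1: ("LMOTS_SHA256_N32_W1", 265), 2: ("LMOTS_SHA256_N32_W2", 133),
               3: ("LMOTS_SHA256_N32_W4", 67), 4: ("LMOTS_SHA256_N32_W8", 34)}
N = M = 32

def cbor_head(major, arg):
    """Initial byte(s) of a CBOR item: major type plus unsigned argument."""
    if arg < 24:
        return bytes([(major << 5) | arg])
    if arg < 0x100:
        return bytes([(major << 5) | 24, arg])
    if arg < 0x10000:
        return bytes([(major << 5) | 25]) + arg.to_bytes(2, "big")
    return bytes([(major << 5) | 26]) + arg.to_bytes(4, "big")

def cbor_bstr(b):
    return cbor_head(2, len(b)) + b

def cbor_tstr(s):
    e = s.encode("utf-8")
    return cbor_head(3, len(e)) + e

def sig_structure(protected, payload, external_aad=b""):
    """Sig_structure of RFC 8152 section 4.4 for a single signer:
    ["Signature1", body_protected, external_aad, payload]."""
    return (cbor_head(4, 4) + cbor_tstr("Signature1") + cbor_bstr(protected)
            + cbor_bstr(external_aad) + cbor_bstr(payload))

def cbor_bstr_length(head):
    """Length announced by a CBOR byte-string header (major type 2)."""
    major, info = head[0] >> 5, head[0] & 0x1F
    if major != 2:
        raise ValueError("not a byte string header")
    if info < 24:
        return info
    width = {24: 1, 25: 2, 26: 4, 27: 8}[info]
    return int.from_bytes(head[1:1 + width], "big")

def parse_hss_public_key(pk):
    """Split an HSS public key (RFC 8554 section 6.1): u32 levels followed
    by the top LMS public key u32 lms_type || u32 lmots_type || I || T[1]."""
    if len(pk) != 12 + 16 + M:
        raise ValueError("unexpected HSS public key length %d" % len(pk))
    levels, lms_type, lmots_type = struct.unpack(">III", pk[:12])
    return {"levels": levels, "lms": LMS_TYPES[lms_type][0],
            "lmots": LMOTS_TYPES[lmots_type][0],
            "I": pk[12:28].hex(), "T1": pk[28:].hex()}

def hss_signature_length(levels, lms_type, lmots_type):
    """Byte length of an HSS signature for a parameter set (RFC 8554
    sections 4.5, 5.4 and 6.2); a verifier checks this before hashing."""
    h = LMS_TYPES[lms_type][1]
    p = LMOTS_TYPES[lmots_type][1]
    lmots_sig = 4 + N + p * N             # u32 type || C || y[0..p-1]
    lms_sig = 4 + lmots_sig + 4 + h * M   # u32 q || ots_sig || u32 type || path
    lms_pub = 4 + 4 + 16 + M              # u32 type || u32 ots type || I || T[1]
    # u32 Nspk, then Nspk signed LMS public keys, then the leaf LMS signature
    return 4 + (levels - 1) * (lms_sig + lms_pub) + lms_sig

def check_vector():
    """Cross-check the copied constants; every boolean should be True."""
    pk = bytes.fromhex(PUBLIC_KEY_HEX)
    levels, lms_type, lmots_type = struct.unpack(">III", pk[:12])
    nspk, q, sig_ots_type = struct.unpack(">III", bytes.fromhex(SIG_PREFIX_HEX))
    expected_len = hss_signature_length(levels, lms_type, lmots_type)
    tbs = sig_structure(bytes.fromhex(PROTECTED_HEX), PAYLOAD)
    return {
        "to_be_signed_matches": tbs.hex().upper() == TOBESIGN_HEX.upper(),
        "nspk_is_levels_minus_1": nspk == levels - 1,
        "leaf_index_q": q,
        "sig_ots_type_matches_key": sig_ots_type == lmots_type,
        "expected_sig_len": expected_len,
        "sig_len_matches_cbor":
            cbor_bstr_length(bytes.fromhex(SIG_BSTR_HEADER_HEX)) == expected_len,
    }

if __name__ == "__main__":
    print(parse_hss_public_key(bytes.fromhex(PUBLIC_KEY_HEX)))
    print(check_vector())
```

The length check is the part worth keeping in a real verifier: RFC 8554 requires the signature length to be derived from the typecodes in the public key and compared before any hash is computed, so a truncated or padded signature is rejected without being parsed further.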
{
  "title":"HSS LMS Hash based signature - hsssig-sig-01",
  "input":{
    "plaintext":"This is the content.",
    "sign0":{
      "key":{
        "kty":"HSS-LMS",
        "kid":"ItsBig",
        "comment":"1 level key - LM_SHA256_MD32_H10 + \
LMOTS_SHA256_N32_W4 ",
        "public":"000000010000000600000003d08fabd4a2091ff0a \
8cb4ed834e7453432a58885cd9ba0431235466bff9651c6 \
c92124404d45fa53cf161c28f1ad5a8e",
        "private":"1|6|3|558B8966C48AE9CB898B423C83443AAE01 \
4A72F1B1AB5CC85CF1D892903B5439|0|d08fabd4a2091f \
f0a8cb4ed834e74534"
      },
      "unprotected":{
        "kid":"ItsBig"
      },
      "protected":{
        "alg":"HSS-LMS"
      },
      "alg":"HSS-LMS"
    },
    "rng_description":"Random value for signature",
    "rng_stream":[
      "1D5112D38A1146402875B73BC8D4B59C845C6AE61D03A70ABAD09 \
8AC05AD8297"
    ]
  },
  "intermediates":{
    "ToBeSign_hex":"846A5369676E6174757265314AA101674853532D4 \
C4D534054546869732069732074686520636F6E74656E742E"
  },
  "output":{
    "cbor_diag":"18([h'A101674853532D4C4D53', \
{4: h'497473426967'}, \
h'546869732069732074686520636F6E74656E742E', \
h'00000000000000000000000391291DE76CE6E24D1E2A9B60266 \
519BC8CE889F814DEB0FC00EDD3129DE3AB9BA6814A4BEE84E5E8 \
38C7725F78FE0610837A548F92802DA610AFB0ADFB133123061C0 \
23E87A7802C17B00740F25737A775B95E923905B6F0CA02A87095 \
5420A68003133A1EA12083E134238DFE5F1633E159CFD207BC79B \
50DD39BA39FCAAA75C12F7F1B493AB8736162E42C2C2F9159DF33 \
32C399A50BB8404F2CB6D98DAA4C3DF82A197CFE014BEC27CC820 \
A5B26BAC5DFE05947E3A7D92070A4653C67BA095AB0499AF655B8 \
1B719912E296765FA46CB0AD2ED56BBCF00CA6FB9C16D8C05C1C1 \
65FED054A099A3DA89F9CB951C6ED366DF38E299C7E7DC9AC9C43 \
66F328407E7C4A6CD8A5314D6B02B377406D5A5E589E91FEAA9F2 \
E4EC1682BA1F633C7784B3038FAC2E77947916C8F4160CF6D9D0B \
0BC6600CDBC4AE947DD5D317DCBA3D200A739F96CDDBA94DAF86C \
E80C76158D4F5CF3CD2BA9F1393DF47E556887F919E0718625D31 \
240E7FE9599012F757314C20893827194AD6555F1452E3A749CE2 \
13DFBA283013DCFF196F9BD18D715B6E7451DE35B18181DF8A626 \
DE1480F2DDECB126B477E019FFE75E4472EF4FA1B913C80821155 \
AAE0D7F3B1175B64CA076926166C80E8219D241791C1DE3C8F936 \
55085C0B00F840970367DAF2A41D462C696C74AF0C3591A6C6B4D \
701963819FFBDC945785D64CE687BA4D086A31FE6A5E1C74A6C0E \
25CF67CEA24DCDE0E47B5210670CC2D66003DF2232F4BA337D325 \
166381681FD4738997BB3EC1499E594B5CCE9FBC11C3136C20F15 \
6012A4DA062675627758DBF1BE635C876F81713D322EA127F6FFC \
8880F42BA51879CC0EB27B8A0C21E434DA7C490BFE30BE1FAC3CA \
A5CF97451FADF412ECA7BAD72E2553541224EB934A9C8A0034E1C \
59EA2D9EAFD66A72F1C43A07B70CBBC0AD844506E31C4CC84F395 \
F28915239C8CB733787EE79704B8BA0CC667282984DFBD01BDC34 \
ADF0E90A309986BE6AD95486E67754543999AEE160A7C6458992F \
ABC338136D95FBC688E0F4F03D8F942875DF39E8D9EAA6B35FFA6 \
C9C1097E5BEA8EADA90DAAC52FBE16A830EA49D550ABFFB64C824 \
4095992BAE73D970AE908CE9413A6EC52F98F593E138F3E6B7BAE \
A6657E03DF715516DD69342374D222F9A4D4B6579994DD01F4E7E \
C1C254C2A5EA109519C788FA1504B0273975C3E647820CFE5CDF4 \
D0D5A6C717C1795EB2BE37030EDEB3196D5866255B1FC10BD03B0 \
5FBDF59DBD87451877761BDEDD25D468D9409A054B1767BF70C41 \
61D416B01F472E4D0924FB9EF84A7EF027A4C3F6FDDD0018A827A \
B66017062F0F0709B271C1CB03557558F882C4FD89569E55E86D9 \
834105F5E7468BA389305729F7FEB6BF2BE3F92BCA40917CC947A \
438B43D6A109535EEBFC06BAEE3A01C9E49D95E84ACDA572F47C4 \
FECC648903154182BBF5222CD4F40622DBB6886A062FE52A59260 \
EC8B61843622DA827B77BAFB0E0F7AA55E3E869BD7943C780F317 \
82241FE1D8B55C313A421875EFE40BD3B649087AE3A1A5942A51A \
7C182EDF686A9842A2F82E51ABE70826D5CA045F984472DB63784 \
194DC2C523889A95CA8C625B017BCA6CAC5175E87552EACBD8D3F \
5C281E4D4108F90E395088D50C528809C37788609A5734FFCE402 \
87270A3A6B04A069DE8277F7F5109C16938347A643713C9AC36FF \
FC8BF141E899F48BC25C7B636D43BEBCFA7742D4E1462263E5673 \
2AD2021EEF8CE84023C4959CFD250348B23AE6DB317087F1F593F \
768825A970E85C15306447892E72C8CF4461E3DF57E696AF1780A \
DA04F847F8FD3C42A802FC9BA38C696ED74FF8A300D171BBAE888 \
8B226498CF63EBA035814557E3A552E0B5DA56DD90C1372D82386 \
0D00CA4F242E8BF1FCA88BA71173DE185E6F1D1EF2BAE53D701D0 \
3D4BF3B44F0842BED8126494A7FD2C7B1321A5527B78681B1D130 \
62CE4DAE86C68DAB481551D857934250E6DBF99D37DA15735831C \
2FA31DD2AB81FBF1F2DE8D890DF29A8CCD730431135E3A0D9C075 \
860F9843B14BE9408714E96218D3642E5B0126BD8FF941757A512 \
CDCB4F6336D6FDC357C28E59484EDC9101AE78BBC6CB380E6E051 \
6ECC48391FE9DA4519DF813CB680497BA65132954F11F857BDFF3 \
644B7F54F59542BAE97EBC7270DECDD407989CAD427894922EDC1 \
BD22E5E1991E1B894A92F893268F66327084B09A945732EF82F27 \
007D5DD0A08403E8E553EA7E20C1E23A567B850F8FE4D00417099 \
5CE1FCC2284EACB197F001C9B0FF2FB67BC24C5774A935F96761F \
D52394AEDE47896E5204BD011F2697F9791953C0F265909019A90 \
804A3A59A4D5A481020861ADC270845EBEE08D8C5C442A0ECBB5C \
78D65E11A5CD71D520281A73C8EE741B4B1E2807E30BD9A2AD1DF \
E50FE3875F201926D87F732461E279FB774E97A93363527C13948 \
DBE1776B7FB8604762C576402481704E4E056D67F00EC4399CED2 \
B8802C89A78827B12FDC5D8B8A3A1914A80B573D3C4F3C87E91AE \
3DBB05B685CEC2194604FA3965B0AF4E0D6E929D672E6C2EDC600 \
1FC2A9AB1CA244FD07847B86A544AAB532DD2E49C2ACB9C42330B \
44F95AEF50A1E44761E5E25670DA2C7291254C17C298F685B1FB0 \
22932B07DE031B1E9988131C73BD0B4E748FF2C2FFD45B7DF99EF \
1FA579F02930D3C3AA3D46F50AF699CF3E5E11E035B693542EBB5 \
B7D756B001BA792C8B6F4521A4F49DB647A37095A28482548E3C0 \
E9DFB0C2D504BE2E9B60983660B05E45FF8847BD7392ED1010AA8 \
5589B36455B864A682B58A87CE0BE617C838BEA0295186178B1EC \
2CD64044B8FF4A30FFEFAE2A007E7531250E0EBBB76621CBECF25 \
5E08727BBE61178A3CF25395468F207249A97EF9A631D9CD651FD \
36ADC2CB00B81663E6C89869E7C2BCB6C149E9CA97B4AC8F656F9 \
B54A800C81045C77A6DD75040AFB72273F1C1A2B8A0E60E60F5FA \
9C63AA4DBBCE603BBAF99DE4EB95FED967E444FABD025D40A2D74 \
AFE0AD427C5E0D5DDFE3267DD04256752FB643D362E8DA17B5E44 \
81A45176376804FF489DF09FDA863BD4000000067B95DE445ABF8 \
9161DFF4B91A4A9E3BF156A39A4660F98F06BF3F017686D9DFC36 \
2C948646B3C9848803E6D9BA1F7D3967F709CDDD35DC77D60356F \
0C36808900B491CB4ECBBABEC128E7C81A46E62A67B57640A0A78 \
BE1CBF7DD9D419A10CD8686D16621A80816BFDB5BDC56211D72CA \
70B81F1117D129529A7570CF79CF52A7028A48538ECDD3B38D3D5 \
D62D26246595C4FB73A525A5ED2C30524EBB1D8CC82E0C19BC497 \
7C6898FF95FD3D310B0BAE71696CEF93C6A552456BF96E9D075E3 \
83BB7543C675842BAFBFC7CDB88483B3276C29D4F0A341C2D406E \
40D4653B7E4D045851ACF6A0A0EA9C710B805CCED4635EE8C1073 \
62F0FC8D80C14D0AC49C516703D26D14752F34C1C0D2C4247581C \
18C2CF4DE48E9CE949BE7C888E9CAEBE4A415E291FD107D21DC1F \
084B1158208249F28F4F7C7E931BA7B3BD0D824A4570'])",
    "cbor":"D2844AA101674853532D4C4D53A1044649747342696754546 \
869732069732074686520636F6E74656E742E5909D00000000000 \
0000000000000391291DE76CE6E24D1E2A9B60266519BC8CE889F \
814DEB0FC00EDD3129DE3AB9BA6814A4BEE84E5E838C7725F78FE \
0610837A548F92802DA610AFB0ADFB133123061C023E87A7802C1 \
7B00740F25737A775B95E923905B6F0CA02A870955420A6800313 \
3A1EA12083E134238DFE5F1633E159CFD207BC79B50DD39BA39FC \
AAA75C12F7F1B493AB8736162E42C2C2F9159DF3332C399A50BB8 \
404F2CB6D98DAA4C3DF82A197CFE014BEC27CC820A5B26BAC5DFE \
05947E3A7D92070A4653C67BA095AB0499AF655B81B719912E296 \
765FA46CB0AD2ED56BBCF00CA6FB9C16D8C05C1C165FED054A099 \
A3DA89F9CB951C6ED366DF38E299C7E7DC9AC9C4366F328407E7C \
4A6CD8A5314D6B02B377406D5A5E589E91FEAA9F2E4EC1682BA1F \
633C7784B3038FAC2E77947916C8F4160CF6D9D0B0BC6600CDBC4 \
AE947DD5D317DCBA3D200A739F96CDDBA94DAF86CE80C76158D4F \
5CF3CD2BA9F1393DF47E556887F919E0718625D31240E7FE95990 \
12F757314C20893827194AD6555F1452E3A749CE213DFBA283013 \
DCFF196F9BD18D715B6E7451DE35B18181DF8A626DE1480F2DDEC \
B126B477E019FFE75E4472EF4FA1B913C80821155AAE0D7F3B117 \
5B64CA076926166C80E8219D241791C1DE3C8F93655085C0B00F8 \
40970367DAF2A41D462C696C74AF0C3591A6C6B4D701963819FFB \
DC945785D64CE687BA4D086A31FE6A5E1C74A6C0E25CF67CEA24D \
CDE0E47B5210670CC2D66003DF2232F4BA337D325166381681FD4 \
738997BB3EC1499E594B5CCE9FBC11C3136C20F156012A4DA0626 \
75627758DBF1BE635C876F81713D322EA127F6FFC8880F42BA518 \
79CC0EB27B8A0C21E434DA7C490BFE30BE1FAC3CAA5CF97451FAD \
F412ECA7BAD72E2553541224EB934A9C8A0034E1C59EA2D9EAFD6 \
6A72F1C43A07B70CBBC0AD844506E31C4CC84F395F28915239C8C \
B733787EE79704B8BA0CC667282984DFBD01BDC34ADF0E90A3099 \
86BE6AD95486E67754543999AEE160A7C6458992FABC338136D95 \
FBC688E0F4F03D8F942875DF39E8D9EAA6B35FFA6C9C1097E5BEA \
8EADA90DAAC52FBE16A830EA49D550ABFFB64C8244095992BAE73 \
D970AE908CE9413A6EC52F98F593E138F3E6B7BAEA6657E03DF71 \
5516DD69342374D222F9A4D4B6579994DD01F4E7EC1C254C2A5EA \
109519C788FA1504B0273975C3E647820CFE5CDF4D0D5A6C717C1 \
795EB2BE37030EDEB3196D5866255B1FC10BD03B05FBDF59DBD87 \
451877761BDEDD25D468D9409A054B1767BF70C4161D416B01F47 \
2E4D0924FB9EF84A7EF027A4C3F6FDDD0018A827AB66017062F0F \
0709B271C1CB03557558F882C4FD89569E55E86D9834105F5E746 \
8BA389305729F7FEB6BF2BE3F92BCA40917CC947A438B43D6A109 \
535EEBFC06BAEE3A01C9E49D95E84ACDA572F47C4FECC64890315 \
4182BBF5222CD4F40622DBB6886A062FE52A59260EC8B61843622 \
DA827B77BAFB0E0F7AA55E3E869BD7943C780F31782241FE1D8B5 \
5C313A421875EFE40BD3B649087AE3A1A5942A51A7C182EDF686A \
9842A2F82E51ABE70826D5CA045F984472DB63784194DC2C52388 \
9A95CA8C625B017BCA6CAC5175E87552EACBD8D3F5C281E4D4108 \
F90E395088D50C528809C37788609A5734FFCE40287270A3A6B04 \
A069DE8277F7F5109C16938347A643713C9AC36FFFC8BF141E899 \
F48BC25C7B636D43BEBCFA7742D4E1462263E56732AD2021EEF8C \
E84023C4959CFD250348B23AE6DB317087F1F593F768825A970E8 \
5C15306447892E72C8CF4461E3DF57E696AF1780ADA04F847F8FD \
3C42A802FC9BA38C696ED74FF8A300D171BBAE8888B226498CF63 \
EBA035814557E3A552E0B5DA56DD90C1372D823860D00CA4F242E \
8BF1FCA88BA71173DE185E6F1D1EF2BAE53D701D03D4BF3B44F08 \
42BED8126494A7FD2C7B1321A5527B78681B1D13062CE4DAE86C6 \
8DAB481551D857934250E6DBF99D37DA15735831C2FA31DD2AB81 \
FBF1F2DE8D890DF29A8CCD730431135E3A0D9C075860F9843B14B \
E9408714E96218D3642E5B0126BD8FF941757A512CDCB4F6336D6 \
FDC357C28E59484EDC9101AE78BBC6CB380E6E0516ECC48391FE9 \
DA4519DF813CB680497BA65132954F11F857BDFF3644B7F54F595 \
42BAE97EBC7270DECDD407989CAD427894922EDC1BD22E5E1991E \
1B894A92F893268F66327084B09A945732EF82F27007D5DD0A084 \
03E8E553EA7E20C1E23A567B850F8FE4D004170995CE1FCC2284E \
ACB197F001C9B0FF2FB67BC24C5774A935F96761FD52394AEDE47 \
896E5204BD011F2697F9791953C0F265909019A90804A3A59A4D5 \
A481020861ADC270845EBEE08D8C5C442A0ECBB5C78D65E11A5CD \
71D520281A73C8EE741B4B1E2807E30BD9A2AD1DFE50FE3875F20 \
1926D87F732461E279FB774E97A93363527C13948DBE1776B7FB8 \
604762C576402481704E4E056D67F00EC4399CED2B8802C89A788 \
27B12FDC5D8B8A3A1914A80B573D3C4F3C87E91AE3DBB05B685CE \
C2194604FA3965B0AF4E0D6E929D672E6C2EDC6001FC2A9AB1CA2 \
44FD07847B86A544AAB532DD2E49C2ACB9C42330B44F95AEF50A1 \
E44761E5E25670DA2C7291254C17C298F685B1FB022932B07DE03 \
1B1E9988131C73BD0B4E748FF2C2FFD45B7DF99EF1FA579F02930 \
D3C3AA3D46F50AF699CF3E5E11E035B693542EBB5B7D756B001BA \
792C8B6F4521A4F49DB647A37095A28482548E3C0E9DFB0C2D504 \
BE2E9B60983660B05E45FF8847BD7392ED1010AA85589B36455B8 \
64A682B58A87CE0BE617C838BEA0295186178B1EC2CD64044B8FF \
4A30FFEFAE2A007E7531250E0EBBB76621CBECF255E08727BBE61 \
178A3CF25395468F207249A97EF9A631D9CD651FD36ADC2CB00B8 \
1663E6C89869E7C2BCB6C149E9CA97B4AC8F656F9B54A800C8104 \
5C77A6DD75040AFB72273F1C1A2B8A0E60E60F5FA9C63AA4DBBCE \
603BBAF99DE4EB95FED967E444FABD025D40A2D74AFE0AD427C5E \
0D5DDFE3267DD04256752FB643D362E8DA17B5E4481A451763768 \
04FF489DF09FDA863BD4000000067B95DE445ABF89161DFF4B91A \
4A9E3BF156A39A4660F98F06BF3F017686D9DFC362C948646B3C9 \
848803E6D9BA1F7D3967F709CDDD35DC77D60356F0C36808900B4 \
91CB4ECBBABEC128E7C81A46E62A67B57640A0A78BE1CBF7DD9D4 \
19A10CD8686D16621A80816BFDB5BDC56211D72CA70B81F1117D1 \
29529A7570CF79CF52A7028A48538ECDD3B38D3D5D62D26246595 \
C4FB73A525A5ED2C30524EBB1D8CC82E0C19BC4977C6898FF95FD \
3D310B0BAE71696CEF93C6A552456BF96E9D075E383BB7543C675 \
842BAFBFC7CDB88483B3276C29D4F0A341C2D406E40D4653B7E4D \
045851ACF6A0A0EA9C710B805CCED4635EE8C107362F0FC8D80C1 \
4D0AC49C516703D26D14752F34C1C0D2C4247581C18C2CF4DE48E \
9CE949BE7C888E9CAEBE4A415E291FD107D21DC1F084B11582082 \
49F28F4F7C7E931BA7B3BD0D824A4570"
  }
}

Appendix B. Acknowledgements

Many thanks to Roman Danyliw, Scott Fluhrer, John Mattsson, Jim Schaad, and Tony Putman for their valuable review and insights. In addition, an extra special thank you to Jim Schaad for generating the examples in Appendix A.

Author's Address

Russ Housley
Vigil Security, LLC
516 Dranesville Road
Herndon, VA 20170
US

Email: housley@vigilsec.com