3. Algorithm and key type encoding

These are encodings for a PAKE interface for PSA Certified Crypto API [PSA-CRYPT].

Note

These encodings will be integrated into a future version of [PSA-CRYPT].

3.1. Algorithm encoding

A new algorithm category is added for PAKE algorithms. The algorithm category table in [PSA-CRYPT] Appendix B is extended with the information in Table 4.

Table 4 New algorithm identifier categories

==================  ====  ===========================
Algorithm category  CAT   Category details
==================  ====  ===========================
PAKE                0x0A  See PAKE algorithm encoding
==================  ====  ===========================

3.1.1. PAKE algorithm encoding

The algorithm identifiers for the PAKE algorithms defined in this specification are encoded as shown in Figure 5.

Figure 5 PAKE algorithm encoding (image: pake_encoding.svg)

The defined values for PAKE-TYPE are shown in Table 5.

The permitted values of HASH-TYPE depend on the specific PAKE algorithm.

Table 5 PAKE algorithm sub-type values

==================  =========  ==========================  ===============
PAKE algorithm      PAKE-TYPE  Algorithm identifier        Algorithm value
==================  =========  ==========================  ===============
J-PAKE              0x01       PSA_ALG_JPAKE(hash)         0x0A0001hh [a]
SPAKE2+ with HMAC   0x04       PSA_ALG_SPAKE2P_HMAC(hash)  0x0A0004hh [a]
SPAKE2+ with CMAC   0x05       PSA_ALG_SPAKE2P_CMAC(hash)  0x0A0005hh [a]
SPAKE2+ for Matter  0x06       PSA_ALG_SPAKE2P_MATTER      0x0A000609
==================  =========  ==========================  ===============

  a. hh is the HASH-TYPE for the hash algorithm, hash, used to construct the key derivation algorithm.

3.2. Key encoding

A new type of asymmetric key is added for the SPAKE2+ algorithms. The Asymmetric key sub-type values table in [PSA-CRYPT] Appendix B is extended with the information in Table 6.

Table 6 New SPAKE2+ asymmetric key sub-type

===================  =========  ========================
Asymmetric key type  ASYM-TYPE  Details
===================  =========  ========================
SPAKE2+              4          See SPAKE2+ key encoding
===================  =========  ========================

Rationale

The ASYM-TYPE value 4 is selected because it has the same parity as the ECC sub-type, which has the value 1. This enables the same ECC-FAMILY and P values to be used when encoding a SPAKE2+ key type as are used in the Elliptic Curve key types.

3.2.1. SPAKE2+ key encoding

The key types for the SPAKE2+ keys defined in this specification are encoded as shown in Figure 6.

Figure 6 SPAKE2+ key encoding (image: spake2p_key.svg)

PAIR is either 0 for a public key, or 3 for a key pair.

The defined values for ECC-FAMILY and P are shown in Table 7.

Table 7 SPAKE2+ key family values

===============  ==========  ===  ==============================  ================  ==============
SPAKE2+ group    ECC-FAMILY  P    ECC family [a]                  Public key value  Key pair value
===============  ==========  ===  ==============================  ================  ==============
SECP R1          0x09        0    PSA_ECC_FAMILY_SECP_R1          0x4412            0x7412
Twisted Edwards  0x21        0    PSA_ECC_FAMILY_TWISTED_EDWARDS  0x4442            0x7442
===============  ==========  ===  ==============================  ================  ==============

  a. The key type value is constructed from the Elliptic Curve family using either PSA_KEY_TYPE_SPAKE2P_PUBLIC_KEY(family) or PSA_KEY_TYPE_SPAKE2P_KEY_PAIR(family) as required.
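The PAKE algorithm encoding of Table 5 and the SPAKE2+ key encoding of Table 7, written out as C macros together with decode helpers for checking an identifier before dispatching on it. This is an added illustration, not the official psa/crypto.h: it assumes the bit positions implied by the table values, the base specification's PSA_ALG_SHA_256 (0x02000009) and ECC family values (0x12, 0x42), and the even-parity property of PSA key type values that the Rationale relies on.

```c
#include <stdint.h>
#include <stdio.h>
typedef uint32_t psa_algorithm_t;
typedef uint16_t psa_key_type_t;
typedef uint8_t  psa_ecc_family_t;

/* Base PSA Crypto API values assumed here: hash category 0x02, HASH-TYPE in bits 7..0. */
#define PSA_ALG_SHA_256   ((psa_algorithm_t)0x02000009)
#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)

/* Table 5: CAT 0x0A in bits 30..24, PAKE-TYPE in bits 15..8, HASH-TYPE in bits 7..0. */
#define PSA_ALG_PAKE_BASE(pake_type) \
    ((psa_algorithm_t)0x0a000000 | ((psa_algorithm_t)(pake_type) << 8))
#define PSA_ALG_JPAKE(hash)        (PSA_ALG_PAKE_BASE(0x01) | ((hash) & PSA_ALG_HASH_MASK))
#define PSA_ALG_SPAKE2P_HMAC(hash) (PSA_ALG_PAKE_BASE(0x04) | ((hash) & PSA_ALG_HASH_MASK))
#define PSA_ALG_SPAKE2P_CMAC(hash) (PSA_ALG_PAKE_BASE(0x05) | ((hash) & PSA_ALG_HASH_MASK))
/* SPAKE2+ for Matter fixes the hash to SHA-256, giving the constant 0x0A000609. */
#define PSA_ALG_SPAKE2P_MATTER     (PSA_ALG_PAKE_BASE(0x06) | (PSA_ALG_SHA_256 & PSA_ALG_HASH_MASK))

/* Table 7: asymmetric category in bits 15..14, PAIR in bits 13..12 (0 public key,
 * 3 key pair), ASYM-TYPE 4 in bits 11..8, ECC-FAMILY and parity bit P in bits 7..0. */
#define PSA_ECC_FAMILY_SECP_R1         ((psa_ecc_family_t)0x12)
#define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t)0x42)
#define PSA_KEY_TYPE_SPAKE2P_PUBLIC_KEY(family) ((psa_key_type_t)(0x4400 | (family)))
#define PSA_KEY_TYPE_SPAKE2P_KEY_PAIR(family)   ((psa_key_type_t)(0x7400 | (family)))

/* Decoding helpers for validating an identifier before dispatching on it. */
static int psa_alg_is_pake(psa_algorithm_t alg)   { return ((alg >> 24) & 0x7f) == 0x0a; }
static int psa_alg_pake_type(psa_algorithm_t alg) { return (int)((alg >> 8) & 0xff); }
static int psa_alg_hash_type(psa_algorithm_t alg) { return (int)(alg & 0xff); }
static int psa_key_type_is_spake2p(psa_key_type_t t) { return (t & 0xc000) == 0x4000 && (t & 0x0f00) == 0x0400; }
static int psa_key_type_is_key_pair(psa_key_type_t t) { return (t & 0x3000) == 0x3000; }
static psa_ecc_family_t psa_key_type_ecc_family(psa_key_type_t t) { return (psa_ecc_family_t)(t & 0xff); }
/* PSA key type values have even parity; the ASYM-TYPE choice in the Rationale preserves this. */
static int psa_key_type_parity_even(psa_key_type_t t) {
    int ones = 0;
    for (; t != 0; t >>= 1) ones += t & 1;
    return (ones & 1) == 0;
}

int main(void) {
    psa_algorithm_t alg = PSA_ALG_SPAKE2P_HMAC(PSA_ALG_SHA_256);
    psa_key_type_t kp = PSA_KEY_TYPE_SPAKE2P_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1);
    printf("alg 0x%08x pake=%d type=0x%02x hash=0x%02x\n", (unsigned)alg,
           psa_alg_is_pake(alg), psa_alg_pake_type(alg), psa_alg_hash_type(alg));
    printf("key 0x%04x spake2p=%d pair=%d family=0x%02x even=%d\n", (unsigned)kp,
           psa_key_type_is_spake2p(kp), psa_key_type_is_key_pair(kp),
           psa_key_type_ecc_family(kp), psa_key_type_parity_even(kp));
    return 0;
}
```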