| Internet-Draft | COSE: KangarooTwelve, TurboSHAKE, KMAC | October 2025 |
| Dang, et al. | Expires 29 April 2026 | [Page] |
This document specifies or updates registrations for a number of Keccak-based algorithms in the COSE Algorithms Registry.¶
RFC 9861 defined and registered four eXtendable-Output Functions (XOFs), hash functions with output of arbitrary length, named TurboSHAKE128, TurboSHAKE256, KT128, and KT256; the present document is intended as the IETF consensus document that is now needed to give these algorithms Recommended status in the COSE registry.¶
RFC 9861 only hints at MACs that could make use of the TurboSHAKE and KT algorithms. This document completes the specification of HopMAC128 and HopMAC256 from RFC 9861 and also specifies simpler MACs directly based on KT128 and KT256. Finally, this document registers COSE Algorithm identifiers for the KMAC set of algorithms (NIST.SP.800-185).¶
This note is to be removed before publishing as an RFC.¶
The latest revision of this draft can be found at https://cabo.github.io/turbo-kanga/draft-bormann-cose-turbo-kanga-latest.html. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-bormann-cose-turbo-kanga-kmac/.¶
Discussion of this document takes place on the CBOR Object Signing and Encryption (COSE) Working Group mailing list (mailto:cose@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/cose/. Subscribe at https://www.ietf.org/mailman/listinfo/cose/.¶
Source for this draft and an issue tracker can be found at https://github.com/cabo/turbo-kanga.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 29 April 2026.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
(Please see abstract.)¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
(Add text with rationale.)¶
Section 5.1 describes the updates needed in the COSE Algorithms registry.¶
(Add specifications for the HopMACs and for a simple KT based MAC.)¶
What algorithms do we want to register? Maybe directly include cSHAKE?¶
RFC Ed.: throughout this section, please replace RFC-XXXX with the RFC number of this specification and remove this note.¶
IANA is requested to update [has updated] the registrations in the COSE Algorithms registry in [IANA.cose] shown in Table 1 by setting the Recommended status column to Yes, and by adding the present document to the Reference column.¶
In Table 1, the following columns all have the same content and have been elided:¶
| Name | Value | Description |
|---|---|---|
| KT256 | -264 | KT256 XOF |
| KT128 | -263 | KT128 XOF |
| TurboSHAKE256 | -262 | TurboSHAKE256 XOF |
| TurboSHAKE128 | -261 | TurboSHAKE128 XOF |
IANA is requested to update [has updated] the registrations in the COSE Algorithms registry in [IANA.cose] shown in Table 1 by setting the Recommended status column to Yes.¶
In Table 2, the following columns all have the same content and have been elided:¶
| Name | Value | Description | Reference | Recommended |
|---|---|---|---|---|
| HopMAC256 | -nnn | HopMAC based on KT256 XOF | [RFC9861], RFC-XXXX | Yes |
| HopMAC128 | -nnn | HopMAC based on KT128 XOF | [RFC9861], RFC-XXXX | Yes |
| xxxTurboSHAKE256 | -nnn | TurboSHAKE256 XOF | [RFC9861], RFC-XXXX | Yes |
| xxxTurboSHAKE128 | -nnn | TurboSHAKE128 XOF | [RFC9861], RFC-XXXX | Yes |
| cSHAKE128 | -nnn | cSHAKE128 | [NIST.SP.800-185], RFC-XXXX | Yes |
| cSHAKE256 | -nnn | cSHAKE256 | [NIST.SP.800-185], RFC-XXXX | Yes |
| KMAC128 | -nnn | KMAC128 | [NIST.SP.800-185], RFC-XXXX | Yes |
| KMAC256 | -nnn | KMAC256 | [NIST.SP.800-185], RFC-XXXX | Yes |
| KMACXOF128 | -nnn | KMACXOF128 | [NIST.SP.800-185], RFC-XXXX | Yes |
| KMACXOF256 | -nnn | KMACXOF256 | [NIST.SP.800-185], RFC-XXXX | Yes |
TBD¶
TBD¶