{"draft":"draft-ietf-lamps-cms-cek-hkdf-sha256-05","doc_id":"RFC9709","title":"Encryption Key Derivation in the Cryptographic Message Syntax (CMS) Using HKDF with SHA-256","authors":["R. Housley"],"format":["HTML","TEXT","PDF","XML"],"page_count":"13","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Limited Additional Mechanisms for PKIX and SMIME","abstract":"This document specifies the derivation of the content-encryption key\r\nor the content-authenticated-encryption key in the Cryptographic\r\nMessage Syntax (CMS) using the HMAC-based Extract-and-Expand Key\r\nDerivation Function (HKDF) with SHA-256. The use of this mechanism\r\nprovides protection against an attacker that manipulates the\r\ncontent-encryption algorithm identifier or the\r\ncontent-authenticated-encryption algorithm identifier.","pub_date":"January 2025","keywords":["content-encryption key","content-authenticated-encryption key"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9709","errata_url":null}