%% You should probably cite draft-ietf-core-oscore-key-update instead of this I-D. @techreport{hoeglund-core-oscore-key-limits-00, number = {draft-hoeglund-core-oscore-key-limits-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-hoeglund-core-oscore-key-limits/00/}, author = {Rikard Höglund and Marco Tiloca}, title = {{AEAD Key Usage Limits in OSCORE}}, pagetotal = 9, year = 2021, month = feb, day = 19, abstract = {Object Security for Constrained RESTful Environments (OSCORE) uses AEAD algorithms to ensure confidentiality and integrity of exchanged messages. Due to known issues allowing forgery attacks against AEAD algorithms, limits should be followed on the number of times a specific key is used for encryption or decryption. This document defines how two peers using OSCORE must take these limits into account and what steps they must take to preserve the security of their communications. Therefore, this document updates RFC8613.}, }