Re: [AVTCORE] [Sframe] [Moq] FW: New Version Notification for draft-mattsson-cfrg-aes-gcm-sst-00.txt

Roman Shpount <roman@telurix.com> Mon, 08 May 2023 21:05 UTC

References: <168329718302.50127.18120629996969657@ietfa.amsl.com> <GVXPR07MB96781F20D284D7C999F7BBA789729@GVXPR07MB9678.eurprd07.prod.outlook.com> <343a4bf1-7a57-0084-5280-1556c9da4c36@huitema.net> <46702AF0-9C38-4F8E-AD83-61F8B4F0F4DC@8x8.com>
In-Reply-To: <46702AF0-9C38-4F8E-AD83-61F8B4F0F4DC@8x8.com>
From: Roman Shpount <roman@telurix.com>
Date: Mon, 08 May 2023 17:04:51 -0400
X-Gmail-Original-Message-ID: <CAD5OKxuNV1Ho8ayePwMBByWY9ce0f3SWdVe2z+eXOo1RdZnQ+g@mail.gmail.com>
Message-ID: <CAD5OKxuNV1Ho8ayePwMBByWY9ce0f3SWdVe2z+eXOo1RdZnQ+g@mail.gmail.com>
To: Jonathan Lennox <jonathan.lennox@8x8.com>
Cc: Christian Huitema <huitema@huitema.net>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, IRTF CFRG <cfrg@irtf.org>, "sframe@ietf.org" <sframe@ietf.org>, "moq@ietf.org" <moq@ietf.org>, IETF AVTCore WG <avt@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ff501f05fb34fd0b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/31sAoYJCaGm1g7pKB7ClWsGSmJY>
Subject: Re: [AVTCORE] [Sframe] [Moq] FW: New Version Notification for draft-mattsson-cfrg-aes-gcm-sst-00.txt

This is extremely interesting. I support adopting this.
_____________
Roman Shpount


On Mon, May 8, 2023 at 12:59 PM Jonathan Lennox <jonathan.lennox@8x8.com>
wrote:

> This is interesting for SRTP as well, so I suggest adding the AVTCore
> mailing list.
>
> > On May 7, 2023, at 2:06 PM, Christian Huitema <huitema@huitema.net>
> wrote:
> >
> > John,
> >
> > You should probably send this to the QUIC list as well. Media over QUIC
> is just one application of QUIC. If the "short tags" can save per packet
> overhead while maintaining security properties, then they are interesting
> for many QUIC applications.
> >
> > -- Christian Huitema
> >
> > On 5/5/2023 7:45 AM, John Mattsson wrote:
> >> Hi,
> >> We just submitted draft-mattsson-cfrg-aes-gcm-sst-00. Advanced
> Encryption Standard (AES) with Galois Counter Mode with Secure Short Tags
> (AES-GCM-SST) is very similar to AES-GCM but has short tags with forgery
> probabilities close to ideal. The changes to AES-GCM were suggested by
> Nyberg et al. in 2005 as a comment to NIST and are based on proven
> theoretical constructions.
> >> AES-GCM performance with secure short tags has many applications; one
> of them is media encryption. Audio packets are small, numerous, and
> ephemeral, so on the one hand, they are very sensitive in percentage terms
> to crypto overhead, and on the other hand, forgery of individual packets is
> not a big concern.
> >> Cheers,
> >> John
> >> From: internet-drafts@ietf.org <internet-drafts@ietf.org>
> >> Date: Friday, 5 May 2023 at 16:33
> >> To: John Mattsson <john.mattsson@ericsson.com>, Alexander Maximov <alexander.maximov@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, Matt Campagna <campagna@amazon.com>, Matthew Campagna <campagna@amazon.com>
> >> Subject: New Version Notification for
> draft-mattsson-cfrg-aes-gcm-sst-00.txt
> >> A new version of I-D, draft-mattsson-cfrg-aes-gcm-sst-00.txt
> >> has been successfully submitted by John Preuß Mattsson and posted to the
> >> IETF repository.
> >> Name:           draft-mattsson-cfrg-aes-gcm-sst
> >> Revision:       00
> >> Title:          Galois Counter Mode with Secure Short Tags (GCM-SST)
> >> Document date:  2023-05-05
> >> Group:          Individual Submission
> >> Pages:          16
> >> URL:      https://www.ietf.org/archive/id/draft-mattsson-cfrg-aes-gcm-sst-00.txt
> >> Status:   https://datatracker.ietf.org/doc/draft-mattsson-cfrg-aes-gcm-sst/
> >> Html:     https://www.ietf.org/archive/id/draft-mattsson-cfrg-aes-gcm-sst-00.html
> >> Htmlized: https://datatracker.ietf.org/doc/html/draft-mattsson-cfrg-aes-gcm-sst
> >> Abstract:
> >>    This document defines the Galois Counter Mode with Secure Short Tags
> >>    (GCM-SST) Authenticated Encryption with Associated Data (AEAD)
> >>    algorithm.  GCM-SST can be used with any keystream generator, not
> >>    just a block cipher.  The main differences compared to GCM [GCM] are
> >>    that GCM-SST uses an additional subkey Q, that fresh subkeys H and Q
> >>    are derived for each nonce, and that the POLYVAL function from AES-
> >>    GCM-SIV is used instead of GHASH.  This enables short tags with
> >>    forgery probabilities close to ideal.  This document also registers
> >>    several instances of Advanced Encryption Standard (AES) with Galois
> >>    Counter Mode with Secure Short Tags (AES-GCM-SST).
> >>    This document is the product of the Crypto Forum Research Group.
> >> The IETF Secretariat
> >
> > --
> > Sframe mailing list
> > Sframe@ietf.org
> > https://www.ietf.org/mailman/listinfo/sframe
>
> _______________________________________________
> Audio/Video Transport Core Maintenance
> avt@ietf.org
> https://www.ietf.org/mailman/listinfo/avt
>
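Added example, not from the draft, the thread, or any of its authors: the abstract says GCM-SST keeps GCM's structure but swaps GHASH for POLYVAL (the universal hash defined in RFC 8452 for AES-GCM-SIV), so below is a plain-Python POLYVAL over GF(2^128) following that RFC's definition (little-endian block encoding, p(x) = x^128 + x^127 + x^126 + x^121 + 1, and dot(a, b) = a * b * x^-128 mod p). How GCM-SST combines the per-nonce subkeys H and Q into the short tag is not spelled out in this thread and is deliberately not implemented here. The function names and the x^128 identity check are my own.

```python
# Added example (not from draft-mattsson-cfrg-aes-gcm-sst or the thread):
# POLYVAL as defined in RFC 8452, implemented with Python integers.
# Convention: a 16-byte block is read as a little-endian integer whose
# bit i is the coefficient of x^i in GF(2^128).
from typing import Iterable

# p(x) = x^128 + x^127 + x^126 + x^121 + 1
_POLY = (1 << 128) | (1 << 127) | (1 << 126) | (1 << 121) | 1


def gf128_mul(a: int, b: int) -> int:
    """Carry-less multiply of two field elements, reduced mod p(x).

    This is the plain field product; POLYVAL's dot() adds an x^-128
    factor on top of it (see below)."""
    r = 0
    for i in range(128):
        if (b >> i) & 1:
            r ^= a << i
    # Reduce the degree-254 product one top bit at a time.
    for i in range(254, 127, -1):
        if (r >> i) & 1:
            r ^= _POLY << (i - 128)
    return r


def mul_x_inv(e: int) -> int:
    """Multiply by x^-1.

    Since x * (x^127 + x^126 + x^125 + x^120) = p(x) + 1 = 1 mod p,
    x^-1 = x^127 + x^126 + x^125 + x^120, i.e. 0xE1 in the top byte."""
    return (e >> 1) ^ ((e & 1) * (0xE1 << 120))


# x^-128 mod p, precomputed once by dividing 1 by x 128 times.
_X_INV_128 = 1
for _ in range(128):
    _X_INV_128 = mul_x_inv(_X_INV_128)


def dot(a: int, b: int) -> int:
    """RFC 8452 dot(a, b) = a * b * x^-128 mod p(x)."""
    return gf128_mul(gf128_mul(a, b), _X_INV_128)


def polyval(h: bytes, blocks: Iterable[bytes]) -> bytes:
    """POLYVAL(H, X_1, ..., X_n): S_0 = 0, S_j = dot(S_{j-1} XOR X_j, H).

    All inputs are 16-byte blocks; RFC 8452 leaves padding of the data
    to the caller (AES-GCM-SIV zero-pads AAD and plaintext and appends
    a length block)."""
    if len(h) != 16:
        raise ValueError("H must be a 16-byte block")
    H = int.from_bytes(h, "little")
    s = 0
    for x in blocks:
        if len(x) != 16:
            raise ValueError("each X_j must be a 16-byte block")
        s = dot(s ^ int.from_bytes(x, "little"), H)
    return s.to_bytes(16, "little")


def x128_as_block() -> bytes:
    """x^128 mod p = x^127 + x^126 + x^121 + 1 as a POLYVAL block.

    With this H the x^-128 factor in dot() cancels exactly, so
    polyval(H, blocks) degenerates to the XOR of the blocks: a cheap
    self-check of the bit ordering and reduction."""
    return ((1 << 127) | (1 << 126) | (1 << 121) | 1).to_bytes(16, "little")


if __name__ == "__main__":
    # Constructed sample blocks, not a vector from any specification.
    x1, x2 = bytes(range(16)), bytes(range(16, 32))
    print("x^128 block:", x128_as_block().hex())
    print("POLYVAL(H=x^128, X1, X2):", polyval(x128_as_block(), [x1, x2]).hex())
    print("XOR(X1, X2):             ", bytes(a ^ b for a, b in zip(x1, x2)).hex())
```

Before relying on an implementation like this, also run it against the POLYVAL vectors in RFC 8452 Appendix A; the x^128 identity above catches bit-ordering and reduction mistakes but not every possible error in `dot()`. The bit-serial loop is for readability, not constant time or speed.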