Re: [AVTCORE] [Technical Errata Reported] RFC7714 (4938)
"Paul E. Jones" <paulej@packetizer.com> Sun, 19 February 2017 14:18 UTC
Return-Path: <paulej@packetizer.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BE3712950C for <avt@ietfa.amsl.com>; Sun, 19 Feb 2017 06:18:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.991
X-Spam-Level:
X-Spam-Status: No, score=-0.991 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=packetizer.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j5vWKm66KDiP for <avt@ietfa.amsl.com>; Sun, 19 Feb 2017 06:18:35 -0800 (PST)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1055F129559 for <avt@ietf.org>; Sun, 19 Feb 2017 06:18:34 -0800 (PST)
Received: from dyn-167.arid.us (cpe-098-122-167-029.nc.res.rr.com [98.122.167.29] (may be forged)) (authenticated bits=0) by dublin.packetizer.com (8.15.2/8.15.2) with ESMTPSA id v1JEIDQx028412 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sun, 19 Feb 2017 09:18:14 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=packetizer.com; s=dublin; t=1487513896; bh=wOZpAEYUmvcSdAI08hijg1k0/f71XZb2HxqKAKue7bM=; h=Date:In-Reply-To:References:Subject:To:CC:From; b=JfMk+ZXrddgheMeNwwWoGCZ9b1bHVYeYCYme17x7yc4+vy5gRKrGoZ0jbC2qFNhmM wcTxgjx/rEgzp1OeEaB5kSHKBUCWZ2VsdizxkpRw9y8BKmQssCUtjvsBe9VKt/NHYZ C3VMQXxbagw68QMqXNVibEzRYXd6vVFvzNlMDfuY=
Date: Sun, 19 Feb 2017 09:18:12 -0500
User-Agent: K-9 Mail for Android
In-Reply-To: <6E58094ECC8D8344914996DAD28F1CCD7751D9@DGGEMM506-MBX.china.huawei.com>
References: <20170216202330.94C25B8020D@rfc-editor.org> <emcee78341-8202-42e7-86bb-2f67f51ac896@sydney> <6E58094ECC8D8344914996DAD28F1CCD7751D9@DGGEMM506-MBX.china.huawei.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----QSRUG4JENTCMVSOIDHURID6FWMA9R7"
Content-Transfer-Encoding: 7bit
To: Roni Even <roni.even@huawei.com>, RFC Errata System <rfc-editor@rfc-editor.org>, "mcgrew@cisco.com" <mcgrew@cisco.com>, "mythicalkevin@yahoo.com" <mythicalkevin@yahoo.com>, "ben@nostrum.com" <ben@nostrum.com>, "alissa@cooperw.in" <alissa@cooperw.in>, "aamelnikov@fastmail.fm" <aamelnikov@fastmail.fm>, "magnus.westerlund@ericsson.com" <magnus.westerlund@ericsson.com>
From: "Paul E. Jones" <paulej@packetizer.com>
Message-ID: <DE5A6898-ABEF-40ED-AB09-7C1DA5D18A20@packetizer.com>
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.1 (dublin.packetizer.com [10.165.122.250]); Sun, 19 Feb 2017 09:18:16 -0500 (EST)
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/A59rebnRoYfT3AZR9aL_ire-938>
X-Mailman-Approved-At: Sun, 19 Feb 2017 09:04:18 -0800
Cc: "text/plain@rfc-editor.org" <text/plain@rfc-editor.org>, "avt@ietf.org" <avt@ietf.org>
Subject: Re: [AVTCORE] [Technical Errata Reported] RFC7714 (4938)
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Feb 2017 14:18:37 -0000
Roni, Sure, we could do that. However, I do wonder how useful that would be. In the outside chance one encounters such an implementation, what would they do about it? Paul -------- Original Message -------- From: Roni Even <roni.even@huawei.com> Sent: February 19, 2017 2:38:21 AM EST To: "Paul E. Jones" <paulej@packetizer.com>, RFC Errata System <rfc-editor@rfc-editor.org>, "mcgrew@cisco.com" <mcgrew@cisco.com>, "mythicalkevin@yahoo.com" <mythicalkevin@yahoo.com>, "ben@nostrum.com" <ben@nostrum.com>, "alissa@cooperw.in" <alissa@cooperw.in>, "aamelnikov@fastmail.fm" <aamelnikov@fastmail.fm>, "magnus.westerlund@ericsson.com" <magnus.westerlund@ericsson.com> Cc: "avt@ietf.org" <avt@ietf.org>, "text/plain@rfc-editor.org" <text/plain@rfc-editor.org> Subject: RE: [Technical Errata Reported] RFC7714 (4938) Paul, I saw the email with what looks like this direction but maybe the new text should mention as a note that since this was not specified before there may be few implementations that added padding on the other side. Roni Even As individual > -----Original Message----- > From: Paul E. Jones [mailto:paulej@packetizer.com] > Sent: יום ה 16 פברואר 2017 23:45 > To: RFC Errata System; mcgrew@cisco.com; mythicalkevin@yahoo.com; > ben@nostrum.com; alissa@cooperw.in; aamelnikov@fastmail.fm; Roni Even; > magnus.westerlund@ericsson.com > Cc: avt@ietf.org; text/plain@rfc-editor.org > Subject: Re: [Technical Errata Reported] RFC7714 (4938) > > Since this issue needs closure in order to ensure that we have interoperable > solutions, it would be good to have confirmation / agreement on the > proposed change. > > Paul > > ------ Original Message ------ > From: "RFC Errata System" <rfc-editor@rfc-editor.org> > To: mcgrew@cisco.com; mythicalkevin@yahoo.com; ben@nostrum.com; > alissa@cooperw.in; aamelnikov@fastmail.fm; roni.even@huawei.com; > magnus.westerlund@ericsson.com > Cc: paulej@packetizer.com; avt@ietf.org; rfc-editor@rfc-editor.org Content- > Type; text/plain@rfc-editor.org; ; charset=UTF-8@rfc-editor.org > Sent: 2/16/2017 3:23:30 PM > Subject: [Technical Errata Reported] RFC7714 (4938) > > >The following errata report has been submitted for RFC7714, "AES-GCM > >Authenticated Encryption in the Secure Real-time Transport Protocol > >(SRTP)". > > > >-------------------------------------- > >You may review the report below and at: > >http://www.rfc-editor.org/errata_search.php?rfc=7714&eid=4938 > > > >-------------------------------------- > >Type: Technical > >Reported by: Paul E. Jones <paulej@packetizer.com> > > > >Section: 11 > > > >Original Text > >------------- > >A Key Derivation Function (KDF) is used to derive all of the required > >encryption and authentication keys from a secret value shared by the > >endpoints. The AEAD_AES_128_GCM algorithm MUST use the (128-bit) > >AES_CM PRF KDF described in [RFC3711]. AEAD_AES_256_GCM MUST use > the > >AES_256_CM_PRF KDF described in [RFC6188]. > > > >Corrected Text > >-------------- > >A Key Derivation Function (KDF) is used to derive all of the required > >encryption and authentication keys from a secret value shared by the > >endpoints. The AEAD_AES_128_GCM algorithm MUST use the (128-bit) > >AES_CM PRF KDF described in [RFC3711]. AEAD_AES_256_GCM MUST use > the > >AES_256_CM_PRF KDF described in [RFC6188]. Since the KDF functions in > >those RFCs assume as input a 112-bit master salt, the 96-bit master > >salt specified in this document must be multiplied by 2^16 to form the > >112-bit salt used as the master salt in those key derivation functions. > > > >Notes > >----- > >The salt specified in RFC 7714 is 96 bits in length, but intended for > >use in KDF functions defined in RFC 3711. This led to different > >interpretations when implementing this RFC. A more complete > >description was presented on the avtcore mailing list > >(https://mailarchive.ietf.org/arch/msg/avt/IRfLuNKglD3qhqwSz3v3t0CG6fA > ) > >and, after some dialog, there seemed to be agreement to adopt the > >approach most widely implemented > >(https://mailarchive.ietf.org/arch/msg/avt/- > C1cIWQXpyzS2KfBjGR6B2kK92w). > > This suggested text is intended to reflect that agreement. In > >effect, > >16 zero bits are padded to the right of the salt value defined in RFC > >7714 (creating a 112 bit salt value) before it is used as described in > >the KDF functions defined in RFC 3711 that require a 112 bit salt > >value. > > > >Instructions: > >------------- > >This erratum is currently posted as "Reported". If necessary, please > >use "Reply All" to discuss whether it should be verified or rejected. > >When a decision is reached, the verifying party can log in to change > >the status and edit the report, if necessary. > > > >-------------------------------------- > >RFC7714 (draft-ietf-avtcore-srtp-aes-gcm-17) > >-------------------------------------- > >Title : AES-GCM Authenticated Encryption in the Secure > >Real-time Transport Protocol (SRTP) > >Publication Date : December 2015 > >Author(s) : D. McGrew, K. Igoe > >Category : PROPOSED STANDARD > >Source : Audio/Video Transport Core Maintenance > >Area : Applications and Real-Time > >Stream : IETF > >Verifying Party : IESG
- [AVTCORE] [Technical Errata Reported] RFC7714 (49… RFC Errata System
- Re: [AVTCORE] [Technical Errata Reported] RFC7714… Paul E. Jones
- Re: [AVTCORE] [Technical Errata Reported] RFC7714… Roni Even
- Re: [AVTCORE] [Technical Errata Reported] RFC7714… Paul E. Jones
- Re: [AVTCORE] [Technical Errata Reported] RFC7714… Mo Zanaty (mzanaty)