IETF Logo Mail Archive

Re: [AVTCORE] [Technical Errata Reported] RFC7714 (4938)

Roni Even <roni.even@huawei.com> Sun, 19 February 2017 07:39 UTC

Return-Path: <roni.even@huawei.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABA63128824 for <avt@ietfa.amsl.com>; Sat, 18 Feb 2017 23:39:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9imjnT54SXh4 for <avt@ietfa.amsl.com>; Sat, 18 Feb 2017 23:39:09 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7E59126D74 for <avt@ietf.org>; Sat, 18 Feb 2017 23:39:08 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml703-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DGU52127; Sun, 19 Feb 2017 07:38:29 +0000 (GMT)
Received: from LHREML709-CAH.china.huawei.com (10.201.108.32) by lhreml703-cah.china.huawei.com (10.201.108.44) with Microsoft SMTP Server (TLS) id 14.3.301.0; Sun, 19 Feb 2017 07:38:28 +0000
Received: from DGGEMM404-HUB.china.huawei.com (10.3.20.212) by lhreml709-cah.china.huawei.com (10.201.108.32) with Microsoft SMTP Server (TLS) id 14.3.301.0; Sun, 19 Feb 2017 07:38:27 +0000
Received: from DGGEMM506-MBX.china.huawei.com ([169.254.3.117]) by DGGEMM404-HUB.china.huawei.com ([10.3.20.212]) with mapi id 14.03.0301.000; Sun, 19 Feb 2017 15:38:21 +0800
From: Roni Even <roni.even@huawei.com>
To: "Paul E. Jones" <paulej@packetizer.com>, RFC Errata System <rfc-editor@rfc-editor.org>, "mcgrew@cisco.com" <mcgrew@cisco.com>, "mythicalkevin@yahoo.com" <mythicalkevin@yahoo.com>, "ben@nostrum.com" <ben@nostrum.com>, "alissa@cooperw.in" <alissa@cooperw.in>, "aamelnikov@fastmail.fm" <aamelnikov@fastmail.fm>, "magnus.westerlund@ericsson.com" <magnus.westerlund@ericsson.com>
Thread-Topic: [Technical Errata Reported] RFC7714 (4938)
Thread-Index: AQHSiJKQXzMQWGJmPEujV7rwsR/poKFrpKAAgARP0bA=
Date: Sun, 19 Feb 2017 07:38:21 +0000
Message-ID: <6E58094ECC8D8344914996DAD28F1CCD7751D9@DGGEMM506-MBX.china.huawei.com>
References: <20170216202330.94C25B8020D@rfc-editor.org> <emcee78341-8202-42e7-86bb-2f67f51ac896@sydney>
In-Reply-To: <emcee78341-8202-42e7-86bb-2f67f51ac896@sydney>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.200.201.150]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.58A94B75.01F1, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.3.117, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 16cfadb55cdfe9a5ecf38e3bf52abe3c
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/Tu6A2J6dzZ3YNWzqO3MyZMFuCSg>
X-Mailman-Approved-At: Sun, 19 Feb 2017 09:04:18 -0800
Cc: "text/plain@rfc-editor.org" <text/plain@rfc-editor.org>, "avt@ietf.org" <avt@ietf.org>
Subject: Re: [AVTCORE] [Technical Errata Reported] RFC7714 (4938)
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Feb 2017 07:39:11 -0000

Paul,
I saw the email with what looks like this direction but maybe the new text should mention as a note that since this was not specified before there may be few implementations that added padding on the other side.
Roni Even
As individual

> -----Original Message-----
> From: Paul E. Jones [mailto:paulej@packetizer.com]
> Sent: יום ה 16 פברואר 2017 23:45
> To: RFC Errata System; mcgrew@cisco.com; mythicalkevin@yahoo.com;
> ben@nostrum.com; alissa@cooperw.in; aamelnikov@fastmail.fm; Roni Even;
> magnus.westerlund@ericsson.com
> Cc: avt@ietf.org; text/plain@rfc-editor.org
> Subject: Re: [Technical Errata Reported] RFC7714 (4938)
> 
> Since this issue needs closure in order to ensure that we have interoperable
> solutions, it would be good to have confirmation / agreement on the
> proposed change.
> 
> Paul
> 
> ------ Original Message ------
> From: "RFC Errata System" <rfc-editor@rfc-editor.org>
> To: mcgrew@cisco.com; mythicalkevin@yahoo.com; ben@nostrum.com;
> alissa@cooperw.in; aamelnikov@fastmail.fm; roni.even@huawei.com;
> magnus.westerlund@ericsson.com
> Cc: paulej@packetizer.com; avt@ietf.org; rfc-editor@rfc-editor.org Content-
> Type; text/plain@rfc-editor.org; ; charset=UTF-8@rfc-editor.org
> Sent: 2/16/2017 3:23:30 PM
> Subject: [Technical Errata Reported] RFC7714 (4938)
> 
> >The following errata report has been submitted for RFC7714, "AES-GCM
> >Authenticated Encryption in the Secure Real-time Transport Protocol
> >(SRTP)".
> >
> >--------------------------------------
> >You may review the report below and at:
> >http://www.rfc-editor.org/errata_search.php?rfc=7714&eid=4938
> >
> >--------------------------------------
> >Type: Technical
> >Reported by: Paul E. Jones <paulej@packetizer.com>
> >
> >Section: 11
> >
> >Original Text
> >-------------
> >A Key Derivation Function (KDF) is used to derive all of the required
> >encryption and authentication keys from a secret value shared by the
> >endpoints.  The AEAD_AES_128_GCM algorithm MUST use the (128-bit)
> >AES_CM PRF KDF described in [RFC3711].  AEAD_AES_256_GCM MUST use
> the
> >AES_256_CM_PRF KDF described in [RFC6188].
> >
> >Corrected Text
> >--------------
> >A Key Derivation Function (KDF) is used to derive all of the required
> >encryption and authentication keys from a secret value shared by the
> >endpoints.  The AEAD_AES_128_GCM algorithm MUST use the (128-bit)
> >AES_CM PRF KDF described in [RFC3711].  AEAD_AES_256_GCM MUST use
> the
> >AES_256_CM_PRF KDF described in [RFC6188].  Since the KDF functions in
> >those RFCs assume as input a 112-bit master salt, the 96-bit master
> >salt specified in this document must be multiplied by 2^16 to form the
> >112-bit salt used as the master salt in those key derivation functions.
> >
> >Notes
> >-----
> >The salt specified in RFC 7714 is 96 bits in length, but intended for
> >use in KDF functions defined in RFC 3711.  This led to different
> >interpretations when implementing this RFC.  A more complete
> >description was presented on the avtcore mailing list
> >(https://mailarchive.ietf.org/arch/msg/avt/IRfLuNKglD3qhqwSz3v3t0CG6fA
> )
> >and, after some dialog, there seemed to be agreement to adopt the
> >approach most widely implemented
> >(https://mailarchive.ietf.org/arch/msg/avt/-
> C1cIWQXpyzS2KfBjGR6B2kK92w).
> >  This suggested text is intended to reflect that agreement.  In
> >effect,
> >16 zero bits are padded to the right of the salt value  defined in RFC
> >7714 (creating a 112 bit salt value) before it is used as described in
> >the KDF functions defined in RFC 3711 that require a 112 bit salt
> >value.
> >
> >Instructions:
> >-------------
> >This erratum is currently posted as "Reported". If necessary, please
> >use "Reply All" to discuss whether it should be verified or rejected.
> >When a decision is reached, the verifying party can log in to change
> >the status and edit the report, if necessary.
> >
> >--------------------------------------
> >RFC7714 (draft-ietf-avtcore-srtp-aes-gcm-17)
> >--------------------------------------
> >Title               : AES-GCM Authenticated Encryption in the Secure
> >Real-time Transport Protocol (SRTP)
> >Publication Date    : December 2015
> >Author(s)           : D. McGrew, K. Igoe
> >Category            : PROPOSED STANDARD
> >Source              : Audio/Video Transport Core Maintenance
> >Area                : Applications and Real-Time
> >Stream              : IETF
> >Verifying Party     : IESG

v2.23.0 | Report a Bug | By Email