[CFRG] NIST Workshop on the Requirements for an Accordion Cipher

John Mattsson <john.mattsson@ericsson.com> Wed, 05 June 2024 05:30 UTC

Return-Path: <john.mattsson@ericsson.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79B89C1519A7 for <cfrg@ietfa.amsl.com>; Tue, 4 Jun 2024 22:30:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ObATEsxfR1c4 for <cfrg@ietfa.amsl.com>; Tue, 4 Jun 2024 22:30:21 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04on2070.outbound.protection.outlook.com [40.107.8.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA574C151079 for <cfrg@ietf.org>; Tue, 4 Jun 2024 22:30:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=T96NwoboNquJBY15ujXeEZyOG3FR6unhBfwKkyD4/f7UD8/UloZs5Tiwy66vLYOoM/20gyfKVhwZ3q/5q8IDqivx3rEoPCAy8HjFLN2bwB0oTuPA+Q8CT6q/ViJ6DPjOkzVJPcnsF+gydVr/7ZypPBa5o/1lnxAamHsv6bmkalAG3D3QEFXw/JNum6kvB0Vl7DffS59mCQdD6N3TAcWi9Wr4BLFcmjNg9ml7DUA9Zz5rmZUka9tBOdnFd1Cd3BDoGanIJPFxa1irdiF79RuawAgAdy9hXkX6MIxh+9IXfEcfnx3Rdr4nJx4aVcW9pE12mEIF+3vSkjpj2sQY4TEcZg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Fj6b8+hQ7aSyszlviHIvJGJFt2uKhmK8XSajvHWuAtQ=; b=bkI1YwYiS8mwcOBWWbmKjoSMDyDCqo70Ld6STjhpJRjw+g9nZcnOumBvOW6bLXQm+xd5wbsLEMEHu3+FjrewzsyS0P2bvxsy4YbE/0gJQs8A1TuezT8F2+k4tqI8EjP+Jwvo+HmHd7+lBy/ZQFtyjQBn/zUnI5NznH9QbeXgtb/BWMDVPEetO6SyGy8/Drn5TBl0trLOnZbEeYVJL7+5teeJeoyJEuzexEkvfFWrJzytKOg2Hb4/6p0cQxALlbzqFMeiQQnz+YWDJYwjvp1OSPa6rWjjzdPeTMFKnbsEyQZj4GBsn4fH9CsNflPx3ERY6BO+hhZHl3D6tpLcN9z5OA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Fj6b8+hQ7aSyszlviHIvJGJFt2uKhmK8XSajvHWuAtQ=; b=DRxRtEE3vh9YGYw5dzi0iLpBq500Xjf+VdJkG3xWJMT1xkZ5IVzwbqs/OYnWAYrUOUomNMMTXMbvX+dfPF3hfhJIi0nzLn4OKRS8ro0C/gWz9DGmIYR81oH6GoTxhqnvblRHpyuhPf3WUfPyqlDUjvhQPPKAS6KMMJ2eomUQysrACoNZa3RDebSDzq3eVwMLhS70nH1PRNiSflkewlQTfXlBtsJjJ6Z4duDKKrnvisBh2hPTaL4r0q9fJeG2beIo17bLCjzjrCrRJ3AL2y7z+KfexLGh3Mr/6NiGufqropJho6qXQnObqlFt/2eiij4/mWYDPU7uPniUvA19cLgEzw==
Received: from GVXPR07MB9678.eurprd07.prod.outlook.com (2603:10a6:150:114::10) by AS2PR07MB9027.eurprd07.prod.outlook.com (2603:10a6:20b:557::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7633.31; Wed, 5 Jun 2024 05:30:17 +0000
Received: from GVXPR07MB9678.eurprd07.prod.outlook.com ([fe80::bcf3:3f45:888e:a4b8]) by GVXPR07MB9678.eurprd07.prod.outlook.com ([fe80::bcf3:3f45:888e:a4b8%3]) with mapi id 15.20.7633.021; Wed, 5 Jun 2024 05:30:17 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: "cfrg@ietf.org" <cfrg@ietf.org>
Thread-Topic: NIST Workshop on the Requirements for an Accordion Cipher
Thread-Index: AQHatwCRD/HLV3/vz0+tX/65D1X+Yg==
Date: Wed, 05 Jun 2024 05:30:17 +0000
Message-ID: <GVXPR07MB9678338D77B06BEA1C4A0DB489F92@GVXPR07MB9678.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: GVXPR07MB9678:EE_|AS2PR07MB9027:EE_
x-ms-office365-filtering-correlation-id: 8944b0e1-e722-4514-ab5f-08dc85209580
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230031|366007|1800799015|376005|38070700009;
x-microsoft-antispam-message-info: cmHkga4j+SVo1p8vT9wFAWeFx038dcNYX4NcYhejJNYMBIQ3JYEsJ+sISmivqNWz42vYCnqqGTyFq1xOc7HOLEyoyfmuGqWoFXOxYccSSJkLyIL0RWGhgoRwdJoL3F4DjWov+/G4gXg62vvXngY3EFbf/omqh0qwmrWDp9WOcfW1Cq9JH9pDhItO9PqIVp9/T27S5FBc82ulh7L8ps4xQpTeOwqT6WzJmp2UdfoNRhKgKvJn5R3fHRXJJd7eIGRuPD8PApEADhdzoPs8pNrv4VXIEM2hyk2ibRK7rkFNYsnypHr6EaZ2H7vDpz5CyW1moYVX9wss6T2P80dJmCvGuHYATPvLX8rAFWk+RI5nUsIBlQ4/oYlB1cbtt17Nazx3etjS85YI8n0WSrynWIn6yuAG2pGYBiGL2+y20eSNQLkDuWWmjKQbnq0dPzn5a4aul5RjgW+oWkrM39Jh60JlebPOQMfWE9LUM+fL/IAytiJC1CZwGqnBmo3JOV4rRE7k4x0hCWeFEVnOpzuIfv3wpDHt+p6+7iMJFlbyVTHihQPAFkoXzCGPRXvh9724hqGIR9QfG+YjkUZoMVrgtuJbm9LnE3XKf6RirMibaK3lauuwWV8gIzqInNLT0/EdUToaU2slRaQ73sFc9PfLsCAGaN8EX5cWJCY7vTL6nUZ+/8WfnIB4SJ5X9FaD9n1M95MHhpGRWC1wLvyYeUy1DAw35xctst5ZHHukNkcgFypPjyprkzuC7HULMSplW8IpqRmyLBnO7xfbnyONjl04QnY4WB4ACQSTYoYOTu3HPUkTQMzRHy7ww+T1sfzYDDio9R4q5fuz0Y30oueKjce4vScHzhCKGxBVZdpdwdb/ZoT7mlodAWdOEFpmsa8yrXqfJPnMqvqVv9vrGDRK3+MAPOp3IUyF3ZO/odwABcXo7jm5Frp/S0LKCDbwjykJMvkhQZJ4c01qmt3pwSw55ITdPczg0zbr/eYOZjfbjFkaHg0+Y/kPsDIq5HPoLe0t7vvgChlqFw3arwZ5EmZW++3JHF3Q45eUnO/leYt9YvXNV0QESa36XCqF2PkeKIsSb5qfvhTgB83O/hq4fOW5tZeq1ayR3qvgPaS6pizY6YyM0r7wdP8DAaSyDFZZbSbmVz6fjJULc1mgsk6Jg5r41QDRg9LW+BvI8zat9YVr3UtLREszPA7w7d51tZp3eJcl1yUGJ1aog48XJL7avHjiZ3St5lv2922OtfqyRq3oMSJWVP+Iyn563ghfWOGc5EE9yBONNgVUmiLDsXD9tH1gKdvLoJK1++2o8pKmxFsDXIXInHmUBUxRCUSy6R4/eBYi6HUpRyVz
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GVXPR07MB9678.eurprd07.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(366007)(1800799015)(376005)(38070700009);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: RRXiDA7hfSaNBQs5nI0vSNtiLrR27ExcHBv/n/eYPNCtjXceiKna+S6UNdlhPvH3v3H0tKjKOc/rmV38Bzqw7TLCoQv5BgRaMcjwe/iCft6YksRvJ2gmM+gKXaKLuI5Vb9HL81aaYEdUk5VBoh4hbMuEEXQLjnd+FVFrYz6/6mSyImPKWNp/MBc/L5CgSVtg/TO8dsMwIpOUMwxSnjXZEksasOi1ZVqjw/c3kpz6oeiV6PVxnUnM+jzrrf1wfPBWUbz09zZDlj53aGhOu8bbyjvhyanMQE1NlHTRaGxHVhWdL26crNTtalhn0pohA3b7IYOu67vtDZ8b3ulYv+NH86Ja/WHWH9dDJbolVvWiFH6hGkEoZDNoS2b66g580cP/GMmR1kgB7kPeQROqtdatvOsW8Y23whuLgkm+QekdtJTfj0x4Pt0nfPrC99tiWAbJwYcbkTnTXlXfcpCtyWvDrIgbjXeWBTKgMTZUAgr+07tSmVBvONvCJ65NVGqt2aZdIMwiLqW+IL6SHqz3JwQx9iqgV76R/ntkWMyH5yV8peyh3o/Aii1HING4RLlFjxa2C8R0ytirjhYttFwThwfxn6XU0jU0Me19ZDL+hNUDr5GRxfmtcDjYb+/mUf4/e1OWzvQ3cc24zq0I9tR9kwT52MxAYp7qaqd33aSp+pjxERjxYjK/agYuT1iSDrj+YDOVeFtsU+YxUpKM2NrZ6/IYMkuoEgz64muanzmWIVmPfxpoUvWrClqcMZtgQxkmH4Uk4joTRSdYkqGfDrXO9Ai149zk8Vaw6Q1Z2OQtCVzbpp5CcKBbptcAA+hOBcIIPGvehdL2bXHs4WNlV/7/jY5Gl/7gzzsLvgi6PN0rQtwQP1rwt6BJW+O/bzV6WwMQMvsJ/gkH0hi1eTghTMqRxq/ha6/Qicc0ErSfdrtZToeYclTcNPt6aWrLEPSSCxEKQvlbJ4c8FlRIBzu1/aK5y8e9sYJXMyGXPieErDc4xS9D18GeAaULmJtE+lRMpLe5mvRnOd2ncjL1I0pXKwJW0mAjaKpJ3tBTUDg6L2t6LLcg68LgvWBITThmpUlI5QWKCuiCnN1PX1Dk7i7GzVAY7KzyWtq/DVBBJaE+faK47dotCsMoP4hSX+LguS2/UhWvPlLMG39BIe8dFnzOdVn5t+Vs0rJnTZNcnJfEb3wd2b4yGJEr4SI8EcP7vSUG7V4+vwgkxSJF53bhLO/T9EP7gOsgu+FWQFrb9BkF9lZE2k85LxEF1vbEl1laRv5zJj5yy2/uHupVZLFKWcErNkxhN8CYb+zq2TjkICXnlOFjyxxISVfLWnX8dcogAg81Gitiy+BaBme0fRGSeJOMQfDaIvctmc+vlslzp2Fea2jfMpxdakSaeMg7I0IzAFRA3c6s8hrS5pHTeVeiWl9qBEZKo/KHZtozbiohT5h7l9xVoaWwRim6Zsv11XEkAJz/Xn/FXpm7v5YMTn08/2L1k7OLngh7bvl7q5wWSdqZ5fAxWCWgL+zvyO97QHoK4dvMRdh+wfskgDhx+Zdmour199vbY7Uf4m/W9TvewQrKxuvmgbJ0fN4Y52Mjdmn7eYZJTDxSzdVYt/N9/BhZs/PdhDX3FWmT3Q==
Content-Type: multipart/alternative; boundary="_000_GVXPR07MB9678338D77B06BEA1C4A0DB489F92GVXPR07MB9678eurp_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: GVXPR07MB9678.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8944b0e1-e722-4514-ab5f-08dc85209580
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Jun 2024 05:30:17.3175 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: nVS9YnpSrO5Rg1zpzAJRgclwtcfIdtjF+NgbqeG2aEKvPiCkmOp3rw5nUDIRx6/3WO20i1lgxBongjNAfB32ytGN+8Zkvwwx0mlEyFUmrXw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS2PR07MB9027
Message-ID-Hash: Q2TSVFBKM22G5BDMSQMPT2MZZPNR2MZJ
X-Message-ID-Hash: Q2TSVFBKM22G5BDMSQMPT2MZZPNR2MZJ
X-MailFrom: john.mattsson@ericsson.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-cfrg.irtf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [CFRG] NIST Workshop on the Requirements for an Accordion Cipher
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/-R0w-K0UziDQ0Qq-0RWiHtrc64k>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Owner: <mailto:cfrg-owner@irtf.org>
List-Post: <mailto:cfrg@irtf.org>
List-Subscribe: <mailto:cfrg-join@irtf.org>
List-Unsubscribe: <mailto:cfrg-leave@irtf.org>

Hi,

If anybody has missed it, there is still a week left to register to NIST's Workshop on Requirements for an Accordion Cipher.

https://csrc.nist.gov/Events/2024/accordion-cipher-mode-workshop-2024

And a month left to provide comments on the requirements.

https://csrc.nist.gov/pubs/other/2024/04/10/proposal-of-requirements-for-an-accordion-mode-dis/iprd

I am very excited that NIST has started this work. There is soo much missing in current encryption algorithms from NIST and CFRG.

Looking at properties of the derived funtions, I hope the outcome will be a Robust AE (RAE) with much better bounds than q^2 / 2^129, with commitment security of half the tag length, and with nonce-hiding and replay protection.

https://eprint.iacr.org/2014/793.pdf

I think a restiction to a mode of AES would mean much slower performance than AES-GCM and/or security restricted by the narrow 128-bit block width. But work in this area will likely trigger more research into faster schemes with similar properties.

Cheers,
John Preuß Mattsson