Re: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01

Mike Jones <Michael.Jones@microsoft.com> Tue, 20 November 2012 01:48 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16BD921F87E6 for <cfrg@ietfa.amsl.com>; Mon, 19 Nov 2012 17:48:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zGlAFYL5sdyy for <cfrg@ietfa.amsl.com>; Mon, 19 Nov 2012 17:48:56 -0800 (PST)
Received: from NA01-BY2-obe.outbound.protection.outlook.com (na01-by2-obe.ptr.protection.outlook.com [207.46.100.23]) by ietfa.amsl.com (Postfix) with ESMTP id 1738D21F87E1 for <cfrg@irtf.org>; Mon, 19 Nov 2012 17:48:55 -0800 (PST)
Received: from BL2FFO11FD011.protection.gbl (10.173.161.203) by BL2FFO11HUB007.protection.gbl (10.173.160.227) with Microsoft SMTP Server (TLS) id 15.0.556.9; Tue, 20 Nov 2012 01:48:49 +0000
Received: from TK5EX14MLTC101.redmond.corp.microsoft.com (131.107.125.37) by BL2FFO11FD011.mail.protection.outlook.com (10.173.161.17) with Microsoft SMTP Server (TLS) id 15.0.556.9 via Frontend Transport; Tue, 20 Nov 2012 01:48:48 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.146]) by TK5EX14MLTC101.redmond.corp.microsoft.com ([157.54.79.178]) with mapi id 14.02.0318.003; Tue, 20 Nov 2012 01:48:43 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Russ Housley <housley@vigilsec.com>
Thread-Topic: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01
Thread-Index: AQHNxYqe+EdNf2OoW02Ggo3Wp5fiaZfx9t3g
Date: Tue, 20 Nov 2012 01:48:43 +0000
Message-ID: <4E1F6AAD24975D4BA5B1680429673943668D8EE3@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <747787E65E3FBD4E93F0EB2F14DB556B0F50A96C@xmb-rcd-x04.cisco.com> <4E1F6AAD24975D4BA5B1680429673943668B026C@TK5EX14MBXC283.redmond.corp.microsoft.com> <FE2BC73F-41FA-4B5B-900C-117749CEEBAC@vigilsec.com>
In-Reply-To: <FE2BC73F-41FA-4B5B-900C-117749CEEBAC@vigilsec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.73]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B1680429673943668D8EE3TK5EX14MBXC283r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(24454001)(51914002)(377454001)(164054002)(47446002)(54316002)(4396001)(76482001)(49866001)(5343655001)(47736001)(50986001)(16406001)(550184003)(74662001)(47976001)(44976002)(31966008)(5343635001)(56776001)(54356001)(512954001)(15202345001)(53806001)(46102001)(51856001)(56816002)(74502001)(33656001)(55846005); DIR:OUT; SFP:; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0671F32598
Cc: IRTF CFRG <cfrg@irtf.org>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Nov 2012 01:48:58 -0000

Thanks for the pointer, Russ.  This is a useful point of reference in several regards.

                                                                -- Mike

From: Russ Housley [mailto:housley@vigilsec.com]
Sent: Sunday, November 18, 2012 4:45 AM
To: Mike Jones
Cc: IRTF CFRG; jose@ietf.org
Subject: Re: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01

Have you looked at the algorithm in RFC 6476?  While the discussion is CMS-specific, the algorithm could be used with another syntax.

Russ


On Nov 12, 2012, at 1:55 PM, Mike Jones wrote:


As background, if there was a version of this spec that did not assume that the parameters would be concatenated together in a specific way, but left them as independent inputs and outputs, as AES GCM and AES CTR do, it would be a better match for JOSE's use case.

                                                            -- Mike

From: cfrg-bounces@irtf.org [mailto:cfrg-bounces@irtf.org] On Behalf Of David McGrew (mcgrew)
Sent: Monday, November 12, 2012 10:21 AM
To: cfrg@irtf.org; jose@ietf.org
Subject: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01

Hi,

There is a new version of "Authenticated Encryption with AES-CBC and HMAC-SHA", and I would appreciate your review.   It is online at <https://datatracker.ietf.org/doc/draft-mcgrew-aead-aes-cbc-hmac-sha2/?include_text=1>   The diff between the current and the previous version is available at <http://www.ietf.org/rfcdiff?url2=draft-mcgrew-aead-aes-cbc-hmac-sha2-01>

This draft has been proposed for use in the JOSE WG <http://datatracker.ietf.org/wg/jose/>, where its adoption would allow the working group to omit "raw" unauthenticated encryption, e.g. AES-CBC, and only include authenticated encryption.   Thus I am asking for your help in making

John Foley generated test cases that correspond to the current version of the draft, but I didn't include these in the draft because I did not yet get confirmation from a second independent implementation.   With hope, there will not be any need for any normative changes, and I will include these after I get confirmation.

Thanks,

David
_______________________________________________
Cfrg mailing list
Cfrg@irtf.org
http://www.irtf.org/mailman/listinfo/cfrg
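The following is an added illustration of the interface question Mike Jones raises above; it is not code from the draft, from John Foley's test cases, or from any of the posters. It is a generic encrypt-then-MAC composition of AES-128-CBC with HMAC-SHA-256 written against the Go standard library. The 32-byte key split into a MAC key followed by an encryption key, the 64-bit big-endian AAD bit-length trailer fed to the MAC, and the 16-byte tag truncation are assumptions modelled on how such compositions are commonly specified; they are not claimed to match the draft's byte layout. `Seal`/`Open` keep IV, AAD, ciphertext and tag as independent inputs and outputs (the AES-GCM/AES-CTR style Mike asks for), while `SealConcat`/`OpenConcat` wrap them into the single concatenated `ciphertext || tag` output. The function and constant names are the example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed parameter set (not taken from the draft): 16-byte MAC key,
// 16-byte AES-128 key, tag truncated to 16 bytes.
const (
	macKeyLen = 16
	encKeyLen = 16
	tagLen    = 16
)

var errAuth = errors.New("authentication failed")

// pkcs7Pad pads to a whole number of AES blocks (always adds at least one byte).
func pkcs7Pad(p []byte) []byte {
	n := aes.BlockSize - len(p)%aes.BlockSize
	return append(append([]byte{}, p...), bytes.Repeat([]byte{byte(n)}, n)...)
}

// pkcs7Unpad strips the padding; with the tag verified first, a bad pad here
// can only mean a local bug, so it is reported the same way as a MAC failure.
func pkcs7Unpad(p []byte) ([]byte, error) {
	if len(p) == 0 || len(p)%aes.BlockSize != 0 {
		return nil, errAuth
	}
	n := int(p[len(p)-1])
	if n == 0 || n > aes.BlockSize || n > len(p) {
		return nil, errAuth
	}
	for _, b := range p[len(p)-n:] {
		if int(b) != n {
			return nil, errAuth
		}
	}
	return p[:len(p)-n], nil
}

// computeTag authenticates AAD, IV and ciphertext together. The trailing
// 64-bit length of the AAD (in bits) is an assumed domain-separation field so
// that AAD and IV/ciphertext boundaries cannot be shifted.
func computeTag(macKey, aad, iv, ct []byte) []byte {
	al := make([]byte, 8)
	binary.BigEndian.PutUint64(al, uint64(len(aad))*8)
	h := hmac.New(sha256.New, macKey)
	h.Write(aad)
	h.Write(iv)
	h.Write(ct)
	h.Write(al)
	return h.Sum(nil)[:tagLen]
}

// Seal takes IV and AAD as separate inputs and returns ciphertext and tag as
// separate outputs, mirroring the AES-GCM/AES-CTR style of interface.
func Seal(key, iv, aad, plaintext []byte) (ct, tag []byte, err error) {
	if len(key) != macKeyLen+encKeyLen || len(iv) != aes.BlockSize {
		return nil, nil, errors.New("bad key or IV length")
	}
	macKey, encKey := key[:macKeyLen], key[macKeyLen:]
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, nil, err
	}
	padded := pkcs7Pad(plaintext)
	ct = make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded)
	return ct, computeTag(macKey, aad, iv, ct), nil
}

// Open verifies the tag in constant time before any decryption or unpadding,
// so a forged ciphertext never reaches the CBC/padding path.
func Open(key, iv, aad, ct, tag []byte) ([]byte, error) {
	if len(key) != macKeyLen+encKeyLen || len(iv) != aes.BlockSize || len(ct)%aes.BlockSize != 0 {
		return nil, errAuth
	}
	macKey, encKey := key[:macKeyLen], key[macKeyLen:]
	if !hmac.Equal(tag, computeTag(macKey, aad, iv, ct)) {
		return nil, errAuth
	}
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	return pkcs7Unpad(pt)
}

// SealConcat returns the single-output form: ciphertext || tag.
func SealConcat(key, iv, aad, plaintext []byte) ([]byte, error) {
	ct, tag, err := Seal(key, iv, aad, plaintext)
	if err != nil {
		return nil, err
	}
	return append(ct, tag...), nil
}

// OpenConcat splits the trailing tag off and delegates to Open.
func OpenConcat(key, iv, aad, blob []byte) ([]byte, error) {
	if len(blob) < tagLen {
		return nil, errAuth
	}
	return Open(key, iv, aad, blob[:len(blob)-tagLen], blob[len(blob)-tagLen:])
}

func main() {
	key := make([]byte, macKeyLen+encKeyLen) // constructed demo key
	iv := make([]byte, aes.BlockSize)        // fresh random IV per message
	rand.Read(key)
	rand.Read(iv)
	ct, tag, _ := Seal(key, iv, []byte("constructed header"), []byte("hello"))
	fmt.Printf("ct=%x tag=%x\n", ct, tag)
}
```

The design point the two interfaces make concrete: with separate outputs, a syntax such as JOSE can carry IV, ciphertext and tag in its own fields, whereas the concatenated form forces the consumer to know the tag length to split the blob. In both forms the tag check must come before decryption and padding removal, and the comparison must be constant-time (`hmac.Equal`), otherwise the CBC padding path becomes an oracle.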