Date: Wed, 1 Apr 2020 10:07:07 +0200 (CEST)
From: Leo Perrin <leo.perrin@inria.fr>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Robert Moskowitz <rgm-sec@htt-consult.com>, 
 "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>, 
 Dan Brown <danibrown@blackberry.com>, cfrg@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/2Bk2wMqx-r4ZVkiI6eKJEqp0B-o>
Subject: Re: [Cfrg] Encrypt in place guidance

Hi,

>> Speck
>
> Hmm. Were the design criteria for that algorithm
> ever published in the end? (I've not followed it,
> so they may have been.)

The authors of SPECK put something on eprint [1] but it merely lists public results and claims they already knew about the corresponding attacks. I personally don't find this document convincing at all since it came *after* a public analysis. In my opinion (and it is not a controversial one in the academic symmetric crypto community), if the designers of a cipher did not publish their security analysis along with its specification then you should not even consider using the corresponding cipher. Of course, there is also the elephant in the room: SPECK was designed by the same entity as the backdoored DUAL_EC.

By the way, there are many (many!) 64-bit block ciphers in the literature---see Table 6 of [2]. Full disclosure: I am a co-author of this survey. If you have questions about it, feel free to ask!

[1] https://eprint.iacr.org/2017/560
[2] https://eprint.iacr.org/2017/511

Cheers,

/Léo

