[Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01

"David McGrew (mcgrew)" <mcgrew@cisco.com> Mon, 12 November 2012 18:20 UTC

From: "David McGrew (mcgrew)" <mcgrew@cisco.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>, "jose@ietf.org" <jose@ietf.org>
Date: Mon, 12 Nov 2012 18:20:57 +0000
Message-ID: <747787E65E3FBD4E93F0EB2F14DB556B0F50A96C@xmb-rcd-x04.cisco.com>


There is a new version of "Authenticated Encryption with AES-CBC and HMAC-SHA", and I would appreciate your review. It is online at <https://datatracker.ietf.org/doc/draft-mcgrew-aead-aes-cbc-hmac-sha2/?include_text=1>. The diff between the current and the previous version is available at <http://www.ietf.org/rfcdiff?url2=draft-mcgrew-aead-aes-cbc-hmac-sha2-01>.

This draft has been proposed for use in the JOSE WG <http://datatracker.ietf.org/wg/jose/>, where its adoption would allow the working group to omit "raw" unauthenticated encryption, e.g. AES-CBC, and only include authenticated encryption. Thus I am asking for your help in making

John Foley generated test cases that correspond to the current version of the draft, but I didn't include these in the draft because I did not yet get confirmation from a second independent implementation. With hope, there will not be any need for any normative changes, and I will include these after I get confirmation.
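As an added illustration of the encrypt-then-MAC composition the draft standardizes (example code written for this page, not the draft's text or a reference implementation), here is AES-CBC plus HMAC-SHA-256 using only the Go standard library, with the tag checked in constant time before any decryption or padding inspection. The 128-bit AES key, 32-byte MAC key, 16-byte tag truncation and the exact MAC-input layout (aad || iv || ciphertext || 64-bit bit-length of aad) are this example's assumptions, not the draft's normative values, so compare against the draft itself before checking its test cases.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

const tagLen = 16 // HMAC-SHA-256 output truncated to 128 bits (this example's choice)

// tag computes HMAC-SHA-256 over aad || iv || ciphertext || bitlen(aad), truncated.
func tag(macKey, aad, iv, ct []byte) []byte {
	al := make([]byte, 8)
	binary.BigEndian.PutUint64(al, uint64(len(aad))*8) // makes the aad/ct boundary unambiguous
	h := hmac.New(sha256.New, macKey)
	h.Write(bytes.Join([][]byte{aad, iv, ct, al}, nil))
	return h.Sum(nil)[:tagLen]
}

// Seal: AES-CBC (PKCS#7) under block, then HMAC under the separate macKey; output iv || ct || tag.
func Seal(block cipher.Block, macKey, iv, aad, pt []byte) []byte {
	n := aes.BlockSize - len(pt)%aes.BlockSize // 1..16 padding bytes, each equal to n
	padded := append(append([]byte{}, pt...), bytes.Repeat([]byte{byte(n)}, n)...)
	ct := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded) // iv: aes.BlockSize bytes, fresh per message
	return bytes.Join([][]byte{iv, ct, tag(macKey, aad, iv, ct)}, nil)
}

// Open verifies the tag in constant time BEFORE decrypting or inspecting padding,
// so a forged or modified message is rejected without acting as a padding oracle.
func Open(block cipher.Block, macKey, aad, sealed []byte) ([]byte, error) {
	if len(sealed) < 2*aes.BlockSize+tagLen || (len(sealed)-tagLen)%aes.BlockSize != 0 {
		return nil, errors.New("malformed message")
	}
	iv, ct, t := sealed[:aes.BlockSize], sealed[aes.BlockSize:len(sealed)-tagLen], sealed[len(sealed)-tagLen:]
	if !hmac.Equal(tag(macKey, aad, iv, ct), t) {
		return nil, errors.New("authentication failed")
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	if n := int(pt[len(pt)-1]); n >= 1 && n <= aes.BlockSize {
		return pt[:len(pt)-n], nil
	}
	return nil, errors.New("bad padding")
}
```

A caller creates the AES block once with aes.NewCipher on a 16-byte key and passes it to both functions; any change to the ciphertext, IV or associated data makes Open fail before decryption.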