Re: [Cfrg] draft-housley-ccm-mode-00.txt
"Housley, Russ" <rhousley@rsasecurity.com> Thu, 15 August 2002 20:16 UTC
From: "Housley, Russ" <rhousley@rsasecurity.com>
To: Greg Rose <ggr@qualcomm.com>
Cc: cfrg@ietf.org
Message-Id: <5.1.0.14.2.20020815155506.032e8e40@exna07.securitydynamics.com>
Date: Thu, 15 Aug 2002 15:59:34 -0400
Subject: Re: [Cfrg] draft-housley-ccm-mode-00.txt
In-Reply-To: <5.1.0.14.2.20020816035038.04656310@203.30.171.11>
References: <5.1.0.14.2.20020815104520.03521ac8@exna07.securitydynamics.com>
Greg:

I understand the conventional wisdom that you are offering. However, authenticated encryption (using a single key) has been an area of recent research. IAPM, OCB, and CCM are approaches. Jakob Jonsson from RSA Labs has done a security proof of CCM. While the proceedings are not out yet, his paper was accepted at SAC. The peer reviewer did not find any problems, and I look forward to the broader review once the paper is readily available.

Russ

At 03:52 AM 8/16/2002 +1000, Greg Rose wrote:
>Doing the authentication and the encryption with the same key is bad
>practice. You should take the input key, and derive from it two
>subordinate keys, which are independent of each other as far as an outside
>attacker can tell, then use one of them for the counter mode encryption,
>the other for the CBC-MAC.
>
>regards,
>Greg.
>
>At 10:55 AM 8/15/2002 -0400, Housley, Russ wrote:
>>Dear CFRG:
>>
>>I would like to draw your attention to this document. It contains a
>>specification for an authenticated encryption mode. It was designed for
>>use with AES, but, of course, it will work with any 128-bit block cipher.
>>
>>The authors have submitted it to NIST for consideration as a FIPS
>>mode. You can learn more about CCM and the other proposed modes at the
>>NIST web site ( see http://csrc.nist.gov/encryption/modes/proposedmodes/ ).
>>
>>IEEE 802.11 has chosen to make CCM the mandatory to implement AES mode
>>for wireless LAN encryption. IEEE 802.15 has also chosen CCM for use with
>>personal area networks. In my opinion, this success is due to the lack
>>of a patent (or pending patent from the authors) on CCM. I suspect that
>>most of the members of this list are aware that other candidate
>>authenticated encryption modes are encumbered.
>>
>>It is my intention to publish draft-housley-ccm-mode-00.txt as an
>>Informational RFC. This looks like the appropriate group to review the
>>document.
>>
>>Russ
>>
>>_______________________________________________
>>Cfrg mailing list
>>Cfrg@ietf.org
>>https://www1.ietf.org/mailman/listinfo/cfrg
>
>
>Greg Rose                      INTERNET: ggr@qualcomm.com
>Qualcomm Australia             VOICE: +61-2-9817 4188   FAX: +61-2-9817 5199
>Level 3, 230 Victoria Road,    http://people.qualcomm.com/ggr/
>Gladesville NSW 2111           232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C
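The key-separation practice Greg describes above, worked through as an added example that is not code from the CCM draft or from either author: a generic counter-mode plus CBC-MAC composition in Go in which one input key is split into an encryption subkey and a MAC subkey, so that the two primitives never share a key. The subkey derivation (encrypting two constant blocks under the input key), the 16-byte nonce used directly as the CTR IV, the length-prefixed CBC-MAC input and the function names are assumptions of this example; the draft itself uses the single key for both operations and has its own block formatting, which is not reproduced here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"errors"
)

// deriveSubkeys: one 16-byte key -> separate enc and MAC keys (assumed derivation).
func deriveSubkeys(k []byte) (kEnc, kMac []byte) {
	b, _ := aes.NewCipher(k)
	kEnc, kMac = make([]byte, 16), make([]byte, 16)
	b.Encrypt(kEnc, []byte("CCM-subkey-enc!!"))
	b.Encrypt(kMac, []byte("CCM-subkey-mac!!"))
	return kEnc, kMac
}

// cbcMAC: raw CBC-MAC (zero IV) over len(msg)||nonce||msg, zero-padded to 16.
func cbcMAC(k, nonce, msg []byte) []byte {
	b, _ := aes.NewCipher(k)
	data := append(append([]byte{byte(len(msg) >> 8), byte(len(msg))}, nonce...), msg...)
	data = append(data, make([]byte, (16-len(data)%16)%16)...)
	cipher.NewCBCEncrypter(b, make([]byte, 16)).CryptBlocks(data, data)
	return data[len(data)-16:]
}

func ctrXOR(k, iv, buf []byte) []byte {
	b, _ := aes.NewCipher(k)
	out := make([]byte, len(buf))
	cipher.NewCTR(b, iv).XORKeyStream(out, buf)
	return out
}

// Seal: tag = CBC-MAC_kMac(nonce, pt); return CTR_kEnc(nonce, pt||tag). nonce is 16 bytes, never reused.
func Seal(k, nonce, pt []byte) []byte {
	kEnc, kMac := deriveSubkeys(k)
	return ctrXOR(kEnc, nonce, append(append([]byte{}, pt...), cbcMAC(kMac, nonce, pt)...))
}

// Open: decrypt, then verify the tag in constant time; too-short input also fails.
func Open(k, nonce, ct []byte) ([]byte, error) {
	kEnc, kMac := deriveSubkeys(k)
	dec := ctrXOR(kEnc, nonce, ct)
	n := len(dec) - 16
	if n < 0 || subtle.ConstantTimeCompare(dec[n:], cbcMAC(kMac, nonce, dec[:n])) != 1 {
		return nil, errors.New("authentication failed")
	}
	return dec[:n], nil
}
```

Open rejects a tampered ciphertext, a wrong key and a truncated message with the same error, so a caller cannot distinguish the cases.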