[CFRG] Re: We would like to have your feedback!

Bas Westerbaan <bas@cloudflare.com> Fri, 27 September 2024 19:29 UTC

To: "Dang, Quynh H. (Fed)" <quynh.dang=40nist.gov@dmarc.ietf.org>
CC: "saag@ietf.org" <saag@ietf.org>, "cfrg@irtf.org" <cfrg@irtf.org>
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/8DVJOsoeEZYg8ua-CivGcLTr3-s>

Thanks for the heads up, Quynh. We sent the following comments.

Cloudflare appreciates the opportunity to comment on NIST’s proposal to
update SP 800-185.

NIST is considering whether to specify and approve one or more SHA-3
derived functions for AEAD. Currently approved encryption methods such as
AES-GCM are challenging and error-prone to deploy, primarily because of
strict limits on encryption when using random nonces. An approved AEAD that
can be used safely with random nonces would be of great benefit to us.


We do not have a preference whether this AEAD should be based on SHA-3 or
AES. If it were based on SHA-3, we suggest NIST use the 12-round
permutation, put forward by the Keccak team in 2016 and reconfirmed [1] in
2022.


We agree with NIST’s proposal to add a streaming XOF specification. This
matches many modern use cases of XOFs.

[1] https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/t95kZqnbS4Q/m/E8VGP0juAwAJ


On Sat, Sep 7, 2024 at 12:02 PM Dang, Quynh H. (Fed) <quynh.dang=40nist.gov@dmarc.ietf.org> wrote:

> Hi SAAG and CFRG,
>
>
>
> NIST is considering whether to specify and approve one or more SHA-3
> derived functions for authenticated encryption with associated data in a
> new, separate Special Publication. The announcement is here :
> https://csrc.nist.gov/News/2024/proposal-to-update-fips-202-and-revise-sp-800-185
> .
>
>
>
> We would like to have your comments/suggestions by October 7, 2024.  They
> should be sent to cryptopubreviewboard@nist.gov with "Comments on FIPS
> 202 Decision Proposal" or “Comments on SP 800-185 Decision Proposal” in the
> subject line.
>
>
>
> More information is available on the website above.
>
>
>
> Regards,
>
> Quynh.
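As an added illustration of the random-nonce limits the reply above refers to (example code written for this page, not part of the message or of NIST's proposal), the following Python puts numbers on the risk: the birthday-bound probability that random 96-bit AES-GCM nonces collide, the message budget for a target collision probability, and how quickly a busy service exhausts the SP 800-38D cap of 2^32 random-IV encryptions per key. Function and constant names are the author's own choices.

```python
import math

NONCE_BITS = 96                      # AES-GCM's default IV size
SP800_38D_RANDOM_IV_LIMIT = 2 ** 32  # NIST cap on encryptions per key with random IVs


def collision_probability(n: int, bits: int = NONCE_BITS) -> float:
    """Probability that at least two of n uniformly random bits-bit nonces repeat.

    Birthday bound p = 1 - exp(-n(n-1) / 2^(bits+1)); expm1 keeps tiny values exact.
    """
    if n < 2:
        return 0.0
    return -math.expm1(-(n * (n - 1)) / 2.0 ** (bits + 1))


def max_messages(p_target: float, bits: int = NONCE_BITS) -> int:
    """Largest n whose collision probability stays at or below p_target."""
    # Invert the bound: n(n-1) <= -ln(1-p) * 2^(bits+1), then solve the quadratic.
    budget = -math.log1p(-p_target) * 2.0 ** (bits + 1)
    n = int((1 + math.sqrt(1 + 4 * budget)) / 2)
    while collision_probability(n + 1, bits) <= p_target:   # fix rounding of the estimate
        n += 1
    while n > 1 and collision_probability(n, bits) > p_target:
        n -= 1
    return n


def key_lifetime_seconds(messages_per_second: float,
                         limit: int = SP800_38D_RANDOM_IV_LIMIT) -> float:
    """Seconds until a key reaching `limit` random-IV encryptions must be rotated."""
    return limit / messages_per_second


if __name__ == "__main__":
    for n in (2 ** 20, 2 ** 32, 2 ** 40):
        print(f"{n:>14d} msgs -> collision probability {collision_probability(n):.3e}")
    print("budget for p <= 2^-32:", max_messages(2 ** -32))
    print("SP 800-38D random-IV limit:", SP800_38D_RANDOM_IV_LIMIT)
    # A service doing 100k encryptions/s under one key exhausts the limit in ~12 hours.
    print(f"hours per key at 100k msg/s: {key_lifetime_seconds(1e5) / 3600:.1f}")
```

The 2^32 cap keeps the collision probability near 2^-33, but a single high-volume key reaches it in hours, which is why the budget has to be tracked and keys rotated.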