Re: [Cfrg] draft-housley-ccm-mode-00.txt

Greg Rose <ggr@qualcomm.com> Thu, 15 August 2002 17:52 UTC

Date: Fri, 16 Aug 2002 03:52:53 +1000
To: "Housley, Russ" <rhousley@rsasecurity.com>
From: Greg Rose <ggr@qualcomm.com>
Subject: Re: [Cfrg] draft-housley-ccm-mode-00.txt
Cc: cfrg@ietf.org

Doing the authentication and the encryption with the same key is bad 
practice. You should take the input key, and derive from it two subordinate 
keys, which are independent of each other as far as an outside attacker can 
tell, then use one of them for the counter mode encryption, the other for 
the CBC-MAC.

regards,
Greg.

At 10:55 AM 8/15/2002 -0400, Housley, Russ wrote:
>Dear CFRG:
>
>I would like to draw your attention to this document.  It contains a 
>specification for an authenticated encryption mode.  It was designed for 
>use with AES, but, of course, it will work with any 128-bit block cipher.
>
>The authors have submitted it to NIST for consideration as a FIPS 
>mode.  You can learn more about CCM and the other proposed modes at the 
>NIST web site ( see http://csrc.nist.gov/encryption/modes/proposedmodes/ ).
>
>IEEE 802.11 has chosen to make CCM the mandatory to implement AES mode for 
>wireless LAN encryption. IEEE 802.15 has also chosen CCM for use with 
>personal area networks.  In my opinion, this success is due to the lack of 
>a patent (or pending patent from the authors) on CCM.  I suspect that most 
>of the members of this list are aware that other candidate authenticated 
>encryption modes are encumbered.
>
>It is my intention to publish draft-housley-ccm-mode-00.txt as an 
>Informational RFC.  This looks like the appropriate group to review the 
>document.
>
>Russ
>
>_______________________________________________
>Cfrg mailing list
>Cfrg@ietf.org
>https://www1.ietf.org/mailman/listinfo/cfrg
>


Greg Rose                                       INTERNET: ggr@qualcomm.com
Qualcomm Australia          VOICE:  +61-2-9817 4188   FAX: +61-2-9817 5199
Level 3, 230 Victoria Road,                http://people.qualcomm.com/ggr/
Gladesville NSW 2111    232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C
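The key separation Greg argues for, as an added example that is not code from the draft or from either poster: one input key is split into two subordinate keys with HMAC-SHA256 (an assumed PRF; the label, the 16-byte counter block and the MAC-then-encrypt layout are this example's own simplifications, not CCM's exact block formatting), the CBC-MAC runs under one subkey and the counter-mode encryption under the other.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
)

// DeriveSubkeys: two 128-bit subkeys from one input key via HMAC-SHA256 (this example's own PRF choice).
func DeriveSubkeys(master []byte) (kEnc, kMac []byte) {
	h := hmac.New(sha256.New, master)
	h.Write([]byte("ccm-subkeys"))
	k := h.Sum(nil)
	return k[:16], k[16:]
}

// CBCMAC: last CBC block over (8-byte length || msg || zero pad); the length prefix separates lengths.
func CBCMAC(key, msg []byte) []byte {
	block, _ := aes.NewCipher(key)
	data := append(binary.BigEndian.AppendUint64(nil, uint64(len(msg))), msg...)
	data = append(data, make([]byte, (16-len(data)%16)%16)...)
	out := make([]byte, len(data))
	cipher.NewCBCEncrypter(block, make([]byte, 16)).CryptBlocks(out, data)
	return out[len(out)-16:]
}

// Seal tags msg under kMac, then encrypts msg||tag with AES-CTR under kEnc.
func Seal(master, nonce, msg []byte) []byte {
	kEnc, kMac := DeriveSubkeys(master)
	block, _ := aes.NewCipher(kEnc)
	out := append(append([]byte{}, msg...), CBCMAC(kMac, msg)...)
	cipher.NewCTR(block, nonce).XORKeyStream(out, out)
	return out
}

// Open reverses Seal and rejects any ciphertext whose tag does not verify.
func Open(master, nonce, ct []byte) ([]byte, bool) {
	kEnc, kMac := DeriveSubkeys(master)
	block, _ := aes.NewCipher(kEnc)
	if n := len(ct) - 16; n >= 0 {
		pt := make([]byte, len(ct))
		cipher.NewCTR(block, nonce).XORKeyStream(pt, ct)
		if hmac.Equal(pt[n:], CBCMAC(kMac, pt[:n])) {
			return pt[:n], true
		}
	}
	return nil, false
}
```

The nonce passed to Seal and Open must be 16 bytes (the full AES counter block) and must never repeat under one master key.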
