Re: [CFRG] [Sframe] [Moq] FW: New Version Notification for draft-mattsson-cfrg-aes-gcm-sst-00.txt

Jonathan Lennox <jonathan.lennox@8x8.com> Mon, 08 May 2023 16:59 UTC

From: Jonathan Lennox <jonathan.lennox@8x8.com>
In-Reply-To: <343a4bf1-7a57-0084-5280-1556c9da4c36@huitema.net>
Date: Mon, 08 May 2023 12:58:58 -0400
Cc: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, IRTF CFRG <cfrg@irtf.org>, "sframe@ietf.org" <sframe@ietf.org>, "moq@ietf.org" <moq@ietf.org>, IETF AVTCore WG <avt@ietf.org>
Message-Id: <46702AF0-9C38-4F8E-AD83-61F8B4F0F4DC@8x8.com>
References: <168329718302.50127.18120629996969657@ietfa.amsl.com> <GVXPR07MB96781F20D284D7C999F7BBA789729@GVXPR07MB9678.eurprd07.prod.outlook.com> <343a4bf1-7a57-0084-5280-1556c9da4c36@huitema.net>
To: Christian Huitema <huitema@huitema.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/DRr55nmsYAGoTrsK1M83Iv4RGlY>
Subject: Re: [CFRG] [Sframe] [Moq] FW: New Version Notification for draft-mattsson-cfrg-aes-gcm-sst-00.txt

This is interesting for SRTP as well, so I suggest adding the AVTCore mailing list.

> On May 7, 2023, at 2:06 PM, Christian Huitema <huitema@huitema.net> wrote:
> 
> John,
> 
> You should probably send this to the QUIC list as well. Media over QUIC is just one application of QUIC. If the "short tags" can save per packet overhead while maintaining security properties, then they are interesting for many QUIC applications.
> 
> -- Christian Huitema
> 
> On 5/5/2023 7:45 AM, John Mattsson wrote:
>> Hi,
>> We just submitted draft-mattsson-cfrg-aes-gcm-sst-00. Advanced Encryption Standard (AES) with Galois Counter Mode with Secure Short Tags (AES-GCM-SST) is very similar to AES-GCM but has short tags with forgery probabilities close to ideal. The changes to AES-GCM were suggested by Nyberg et al. in 2005 as a comment to NIST and are based on proven theoretical constructions.
>> AES-GCM performance with secure short tags has many applications; one of them is media encryption. Audio packets are small, numerous, and ephemeral, so on the one hand, they are very sensitive in percentage terms to crypto overhead, and on the other hand, forgery of individual packets is not a big concern.
>> Cheers,
>> John
>> From: internet-drafts@ietf.org <internet-drafts@ietf.org>
>> Date: Friday, 5 May 2023 at 16:33
>> To: John Mattsson <john.mattsson@ericsson.com>, Alexander Maximov <alexander.maximov@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, Matt Campagna <campagna@amazon.com>, Matthew Campagna <campagna@amazon.com>
>> Subject: New Version Notification for draft-mattsson-cfrg-aes-gcm-sst-00.txt
>> A new version of I-D, draft-mattsson-cfrg-aes-gcm-sst-00.txt
>> has been successfully submitted by John Preuß Mattsson and posted to the
>> IETF repository.
>> Name:           draft-mattsson-cfrg-aes-gcm-sst
>> Revision:       00
>> Title:          Galois Counter Mode with Secure Short Tags (GCM-SST)
>> Document date:  2023-05-05
>> Group:          Individual Submission
>> Pages:          16
>> URL:            https://www.ietf.org/archive/id/draft-mattsson-cfrg-aes-gcm-sst-00.txt
>> Status:         https://datatracker.ietf.org/doc/draft-mattsson-cfrg-aes-gcm-sst/
>> Html:           https://www.ietf.org/archive/id/draft-mattsson-cfrg-aes-gcm-sst-00.html
>> Htmlized:       https://datatracker.ietf.org/doc/html/draft-mattsson-cfrg-aes-gcm-sst
>> Abstract:
>>    This document defines the Galois Counter Mode with Secure Short Tags
>>    (GCM-SST) Authenticated Encryption with Associated Data (AEAD)
>>    algorithm.  GCM-SST can be used with any keystream generator, not
>>    just a block cipher.  The main differences compared to GCM [GCM] are
>>    that GCM-SST uses an additional subkey Q, that fresh subkeys H and Q
>>    are derived for each nonce, and that the POLYVAL function from AES-
>>    GCM-SIV is used instead of GHASH.  This enables short tags with
>>    forgery probabilities close to ideal.  This document also registers
>>    several instances of Advanced Encryption Standard (AES) with Galois
>>    Counter Mode with Secure Short Tags (AES-GCM-SST).
>>    This document is the product of the Crypto Forum Research Group.
>> The IETF Secretariat
> 
> -- 
> Sframe mailing list
> Sframe@ietf.org
> https://www.ietf.org/mailman/listinfo/sframe
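The abstract quoted above says GCM-SST replaces GHASH with the POLYVAL function from AES-GCM-SIV. The block below is an added illustration, not code from this thread, from the draft, or from its authors: it implements POLYVAL exactly as RFC 8452 defines it (GF(2^128) with polynomial x^128 + x^127 + x^126 + x^121 + 1, little-endian bit order, the `dot` operation with its x^-128 factor, and `mulX_POLYVAL`), so a reader can see what the hash GCM-SST inherits actually computes. The `aead_hash_blocks` helper pads associated data and ciphertext and appends a length block following AES-GCM-SIV's convention; that framing is an assumption for the demonstration, and the exact input layout GCM-SST uses, along with how its subkeys H and Q enter the tag, is defined by the draft rather than by this code.

```python
# Added example (not from the thread or the draft): POLYVAL from RFC 8452,
# the GF(2^128) hash that GCM-SST uses in place of GHASH.
# Elements are 16-byte strings in little-endian bit order: byte 0 bit 0 holds
# the coefficient of x^0 and byte 15 bit 7 holds the coefficient of x^127.
from typing import Iterable, List

# Field polynomial x^128 + x^127 + x^126 + x^121 + 1 as a bit mask.
FIELD_POLY = (1 << 128) | (1 << 127) | (1 << 126) | (1 << 121) | 1


def _to_int(block: bytes) -> int:
    if len(block) != 16:
        raise ValueError("POLYVAL blocks must be exactly 16 bytes")
    return int.from_bytes(block, "little")


def _to_bytes(value: int) -> bytes:
    return value.to_bytes(16, "little")


def _gf_mul(a: int, b: int) -> int:
    """Carry-less product of two field elements, reduced modulo FIELD_POLY."""
    product = 0
    while b:
        if b & 1:
            product ^= a
        a <<= 1
        b >>= 1
    # The raw product has degree at most 254; fold it down to degree <= 127.
    for bit in range(254, 127, -1):
        if (product >> bit) & 1:
            product ^= FIELD_POLY << (bit - 128)
    return product


def _gf_div_x(p: int) -> int:
    """Exact division by x: add the field polynomial first if the constant term is set."""
    if p & 1:
        p ^= FIELD_POLY
    return p >> 1


def mulx_polyval(block: bytes) -> bytes:
    """mulX_POLYVAL from RFC 8452: multiply by x and reduce (x is the element 02 00 .. 00)."""
    return _to_bytes(_gf_mul(_to_int(block), 2))


def dot(a: bytes, b: bytes) -> bytes:
    """RFC 8452 dot operation: a * b * x^-128, computed as 128 exact divisions by x."""
    p = _gf_mul(_to_int(a), _to_int(b))
    for _ in range(128):
        p = _gf_div_x(p)
    return _to_bytes(p)


def xor_block(a: bytes, b: bytes) -> bytes:
    return bytes(i ^ j for i, j in zip(a, b))


def polyval(h: bytes, blocks: Iterable[bytes]) -> bytes:
    """POLYVAL(H, X_1..X_n) = X_1*H^n + ... + X_n*H over dot(), evaluated Horner-style."""
    s = bytes(16)
    for x in blocks:
        s = dot(xor_block(s, x), h)
    return s


def aead_hash_blocks(aad: bytes, data: bytes) -> List[bytes]:
    """Assumed framing (AES-GCM-SIV style, RFC 8452 Section 4): zero-pad AAD and data to
    16-byte multiples, then append a block of the two bit lengths as 64-bit little-endian."""
    def pad(buf: bytes) -> bytes:
        return buf + bytes((-len(buf)) % 16)

    framed = pad(aad) + pad(data)
    framed += (8 * len(aad)).to_bytes(8, "little") + (8 * len(data)).to_bytes(8, "little")
    return [framed[i:i + 16] for i in range(0, len(framed), 16)]


def mac_over(h: bytes, aad: bytes, data: bytes) -> bytes:
    """Hash a framed (AAD, data) pair under subkey H; the result is what an AEAD would
    further process (and truncate) into its tag."""
    return polyval(h, aead_hash_blocks(aad, data))


if __name__ == "__main__":
    # Constructed sample values, not vectors from the draft.
    h = bytes.fromhex("0123456789abcdef0fedcba987654321")
    print(mac_over(h, b"header", b"payload bytes").hex())
```

Useful cross-checks when adapting this: `mulx_polyval` of the element 01 00..00 must return 02 00..00, and the constructed subkey whose value is x^128 mod P (bytes `01` + fourteen `00` + `c2`) must leave any single block unchanged under `polyval`, because the dot operation cancels exactly one factor of x^128. RFC 8452 Appendix A carries full POLYVAL test vectors for a final check against a published reference.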