Re: [Cfrg] Encrypt in place guidance

Henry B Hotz <hbhotz@oxy.edu> Tue, 31 March 2020 18:55 UTC

Return-Path: <hbhotz@oxy.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0822E3A26E3 for <cfrg@ietfa.amsl.com>; Tue, 31 Mar 2020 11:55:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.974
X-Spam-Level:
X-Spam-Status: No, score=0.974 tagged_above=-999 required=5 tests=[SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.972, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8eMc5jkxczpg for <cfrg@ietfa.amsl.com>; Tue, 31 Mar 2020 11:55:43 -0700 (PDT)
Received: from mailout.easymail.ca (mailout.easymail.ca [64.68.200.34]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B2123A26DF for <cfrg@ietf.org>; Tue, 31 Mar 2020 11:55:43 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mailout.easymail.ca (Postfix) with ESMTP id A81CBBF9C5; Tue, 31 Mar 2020 18:55:42 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at emo04-pco.easydns.vpn
Received: from mailout.easymail.ca ([127.0.0.1]) by localhost (emo04-pco.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JpgZSZCbHJu5; Tue, 31 Mar 2020 18:55:42 +0000 (UTC)
Received: from [192.168.3.179] (66-215-86-135.dhcp.psdn.ca.charter.com [66.215.86.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mailout.easymail.ca (Postfix) with ESMTPSA id 6F1ADBF972; Tue, 31 Mar 2020 18:55:39 +0000 (UTC)
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (1.0)
From: Henry B Hotz <hbhotz@oxy.edu>
In-Reply-To: <83571efb-a32f-6a59-a496-de56716f07da@htt-consult.com>
Date: Tue, 31 Mar 2020 11:55:37 -0700
Cc: cfrg@ietf.org
Message-Id: <A282938F-F720-4434-A014-F99C47205EE4@oxy.edu>
References: <83571efb-a32f-6a59-a496-de56716f07da@htt-consult.com>
To: Robert Moskowitz <rgm-sec@htt-consult.com>
X-Mailer: iPhone Mail (17C54)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/M48GER01Y1tjTCO45y90l4_hUos>
Subject: Re: [Cfrg] Encrypt in place guidance
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Mar 2020 18:55:45 -0000

What about format preserving encryption?

Personal email. hbhotz@oxy.edu

> On Mar 31, 2020, at 11:30 AM, Robert Moskowitz <rgm-sec@htt-consult.com> wrote:
> 
> The problem is in the Unmanned Aircraft broadcast messages (see DRIP work).
> 
> In the System Message defined in ASTM F3411-19 there are 8 bytes of sensitive Operator Information that I want to encrypt.  I can get a shared secret via the PK mechanism in ECIES.
> 
> The challenge is in encrypting, then decrypting these 8 bytes.
> 
> There is no room for expansion in the message.  All we have are these 8 bytes.
> 
> There is nothing unique in each System Message to use an an IV. There are 7 bytes of mission information and 1 byte of flags that are constant for a given mission (but may be the same in a later mission).
> 
> There are 8 reserved bytes, but I feel they left out 4 bytes of important Operator Information (thus making 12 bytes to encrypt). So no grabbing those reserved bytes.
> 
> Since this information is of limited value for some period after the completion of the mission, I was considering just using AES-ECB.
> 
> Opps.   I need 16 bytes for the output of AES-ECB.  Or at least that is my reading of the ECB mode.
> 
> So I am seeking guidance here on what cipher to use in this particular situation.
> 
> Thank you.
> 
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg