[Cfrg] Re: Comments on SIV and draft-dharkins-siv-aes-00
"Dan Harkins" <dharkins@lounge.org> Mon, 22 October 2007 05:07 UTC
To: mcgrew <mcgrew@cisco.com>
Cc: cfrg@ietf.org

Hi David,

I think my response to your key derivation comment was wrong.

On Thu, October 18, 2007 1:41 pm, mcgrew wrote:
[snip]
> For the key derivation application (Section 1.3.3), what would the SIV
> plaintext input be equal to? Would it be omitted?
>
> Also, I would guess that SIV-based key derivation would only be appropriate
> for deriving keys from a given key, and that it may not be suitable for use
> in deriving keys from data that is unpredictable but not uniformly random,
> as is used e.g. in Diffie-Hellman. At least, I believe that this is outside
> of the scope of what is claimed in the security analysis, and it would make
> sense to document that (after verifying with Phil and Tom).

As I mentioned, there is no plaintext since it's S2V that's doing the key derivation, but I let that cause me to misinterpret your subsequent comment. S2V requires a key and if that key is not uniformly random I do believe that it would be inappropriate to use. I'll verify with Phil and Tom and most likely come up with some text to address this.

Sorry for the brush off. I read one comment and let that cloud my response to another.

Dan.