RE: [saag] [Cfrg] Re: TCP-AO MAC algorithms

Sean Shuo Shen <sshen@huawei.com> Mon, 07 January 2008 12:44 UTC

Date: Mon, 07 Jan 2008 20:43:27 +0800
From: Sean Shuo Shen <sshen@huawei.com>
Subject: RE: [saag] [Cfrg] Re: TCP-AO MAC algorithms
In-reply-to: <477FB4E6.4030507@isi.edu>
To: 'Joe Touch' <touch@ISI.EDU>
Message-id: <000601c8512a$e6785060$350c6f0a@china.huawei.com>
Cc: saag@mit.edu, cfrg@ietf.org

Hi Joe,

>Please indicate the proof for this. First, it requires that the rest of
>the system enforce the "no reuse of keys during seqno rollover"; second,
>it requires that TCP implementations not allow the socket data to change
>between initial transmission and retransmission.
First, I remember it being said somewhere that the MAC key should be renewed
when the sequence number rolls over. In your first email you also mentioned that
"This is why we probably need to explicitly require that the connection key
change whenever the sequence number rolls over (through the ISN)." I believe
you are giving a reasonable and achievable requirement (hash key renewal
during rollover). If hash key renewal during rollover is doable, nonce key
renewal during rollover is also doable, and it is not an extra requirement.
The way to renew keys is out of the scope of our discussion. I don't think
we have to give a key management scheme before talking about MAC algorithms.

Second, maybe there is a misunderstanding here. What I mean is: the nonce
generation algorithm can guarantee that the nonce is different when the MAC
protected data are different (because some MAC algorithms require a different
nonce when hashing different messages). If the MAC protected data (I assume
this is what you mean by "socket data") are the same between transmission and
retransmission, it is totally fine for the nonce to be the same. So I did not
require that TCP implementations not allow the socket data to change between
initial transmission and retransmission.

Regards

Sean
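The two properties argued for above (a nonce that repeats only when the MAC-protected data repeat, so a faithful retransmission is harmless, and a MAC key that changes when the 32-bit sequence number rolls over, so a (key, nonce) pair is never reused for different data) can be shown in a few lines. The following Python is an added illustration, not code from this thread and not the TCP-AO algorithm; the epoch-based key derivation, the SHA-256 nonce, the truncated HMAC tag, the `Sender`/`Segment`/`verify` names and the constructed master key and ISN are all assumptions made here.

```python
import hashlib
import hmac
from dataclasses import dataclass

SEQ_MODULUS = 1 << 32  # TCP sequence numbers are 32-bit and wrap modulo 2^32


def derive_epoch_key(master_key: bytes, epoch: int) -> bytes:
    """Hypothetical per-epoch MAC key. The thread only requires that the key
    change at sequence-number rollover; HMAC(master, "epoch" || counter) is an
    illustrative derivation, not a TCP-AO mechanism."""
    return hmac.new(master_key, b"epoch" + epoch.to_bytes(4, "big"), hashlib.sha256).digest()


def derive_nonce(epoch: int, seq: int, protected_data: bytes) -> bytes:
    """Deterministic nonce over everything the MAC covers plus the key epoch.
    Same (epoch, seq, data) -> same nonce, so an unchanged retransmission is fine;
    any change in the protected data -> a different nonce."""
    h = hashlib.sha256()
    h.update(epoch.to_bytes(4, "big"))
    h.update(seq.to_bytes(4, "big"))
    h.update(protected_data)
    return h.digest()[:16]


def compute_tag(epoch_key: bytes, nonce: bytes, seq: int, protected_data: bytes) -> bytes:
    """Stand-in for a nonce-based MAC: HMAC-SHA256 over nonce || seq || data, 96-bit truncation."""
    msg = nonce + seq.to_bytes(4, "big") + protected_data
    return hmac.new(epoch_key, msg, hashlib.sha256).digest()[:12]


@dataclass(frozen=True)
class Segment:
    epoch: int
    seq: int
    data: bytes
    nonce: bytes
    tag: bytes


def protect(master_key: bytes, epoch: int, seq: int, data: bytes) -> Segment:
    """Sender side: derive the nonce from the covered fields, then MAC under the epoch key."""
    nonce = derive_nonce(epoch, seq, data)
    tag = compute_tag(derive_epoch_key(master_key, epoch), nonce, seq, data)
    return Segment(epoch, seq, data, nonce, tag)


def verify(master_key: bytes, seg: Segment) -> bool:
    """Receiver side: recompute nonce and tag from the received fields; constant-time compare.
    Because the nonce is a function of the covered data, it never has to be transmitted."""
    expected = protect(master_key, seg.epoch, seg.seq, seg.data)
    return hmac.compare_digest(expected.tag, seg.tag)


class Sender:
    """Tracks the send sequence number and bumps the key epoch when the counter wraps."""

    def __init__(self, master_key: bytes, isn: int):
        self.master_key = master_key
        self.seq = isn % SEQ_MODULUS
        self.epoch = 0

    def send(self, data: bytes) -> Segment:
        seg = protect(self.master_key, self.epoch, self.seq, data)
        nxt = (self.seq + len(data)) % SEQ_MODULUS
        if nxt < self.seq:  # 32-bit counter wrapped: rollover, so rekey before any seq is reused
            self.epoch += 1
        self.seq = nxt
        return seg

    def retransmit(self, seg: Segment) -> Segment:
        """Retransmitting unchanged data reproduces exactly the same nonce and tag."""
        return protect(self.master_key, seg.epoch, seg.seq, seg.data)


if __name__ == "__main__":
    master = b"constructed-master-key"          # constructed sample key
    s = Sender(master, isn=0xFFFFFFF0)          # ISN chosen so the counter wraps quickly
    a = s.send(b"hello")
    b = s.send(b"twelve bytes")                 # pushes seq past 2^32: epoch becomes 1
    c = s.send(b"hello")
    print("retransmit identical:", s.retransmit(a) == a)
    print("epochs:", a.epoch, b.epoch, c.epoch)
    print("tampered segment verifies:",
          verify(master, Segment(a.epoch, a.seq, b"hellO", a.nonce, a.tag)))
```

The `Sender.send` rollover check is the point Joe's quoted email raises: the nonce derivation alone does not prevent a (key, nonce) pair from recurring once the sequence space wraps, so the epoch counter (and with it the MAC key) must advance at the wrap.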

_______________________________________________
Cfrg mailing list
Cfrg@ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg