Re: [saag] [Cfrg] Re: TCP-AO MAC algorithms

"Steven M. Bellovin" <smb@cs.columbia.edu> Fri, 04 January 2008 03:05 UTC

Date: Fri, 04 Jan 2008 03:05:07 +0000
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Sean Shuo Shen <sshen@huawei.com>
Subject: Re: [saag] [Cfrg] Re: TCP-AO MAC algorithms
Message-ID: <20080104030507.7297e280@cs.columbia.edu>
In-Reply-To: <002301c84e75$a9354580$350c6f0a@china.huawei.com>
References: <p06240515c3a15fd25b8f@[192.168.0.101]> <002301c84e75$a9354580$350c6f0a@china.huawei.com>
Organization: Columbia University
Cc: saag@mit.edu, cfrg@ietf.org, 'Stephen Kent' <kent@bbn.com>

On Fri, 04 Jan 2008 10:01:03 +0800
Sean Shuo Shen <sshen@huawei.com> wrote:

> Hi Stephen,
> Can you talk in more detail about the FIPS evaluation problem?
> 
The issue is what the assurance boundary is.  If the TCP sequence
number is cryptographically significant, the entire process by which
it's set (including original generation and anything else in the stack
or kernel that could touch it) has to be part of the evaluation, too.

It is, I think, less of an issue for TCP-AO, since I suspect that
that's not very likely to be done by a dedicated hardware module.
Still, as a matter of design principle one should keep
security-critical matters separate.

> 
> -----Original Message-----
> From: saag-bounces@mit.edu [mailto:saag-bounces@mit.edu] On Behalf Of
> Stephen Kent
> Sent: Wednesday, January 02, 2008 11:37 PM
> To: mcgrew
> Cc: saag@mit.edu; Sean Shuo Shen; cfrg@ietf.org
> Subject: Re: [saag] [Cfrg] Re: TCP-AO MAC algorithms
> 
> Another issue to keep in mind is that a nonce-less MAC avoids the FIPS
> evaluation problems that would arise from attempts to make use of the 
> TCP sequence number as an input to the nonce generation process.
> 
> Steve
> _______________________________________________
> saag mailing list
> saag@mit.edu
> http://mailman.mit.edu/mailman/listinfo/saag
> 
> 
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@ietf.org
> https://www1.ietf.org/mailman/listinfo/cfrg
> 



		--Steve Bellovin, http://www.cs.columbia.edu/~smb
