[Cfrg] proposed RG action: draft-cfrg-cipher-catalog

David McGrew <mcgrew@cisco.com> Tue, 15 November 2011 19:35 UTC

Return-Path: <mcgrew@cisco.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 08DF521F8B35 for <cfrg@ietfa.amsl.com>; Tue, 15 Nov 2011 11:35:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.353
X-Spam-Status: No, score=-106.353 tagged_above=-999 required=5 tests=[AWL=0.245, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id hgljj4K1gmqR for <cfrg@ietfa.amsl.com>; Tue, 15 Nov 2011 11:35:22 -0800 (PST)
Received: from mtv-iport-3.cisco.com (mtv-iport-3.cisco.com []) by ietfa.amsl.com (Postfix) with ESMTP id A9AC521F8B2A for <cfrg@irtf.org>; Tue, 15 Nov 2011 11:35:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=mcgrew@cisco.com; l=20459; q=dns/txt; s=iport; t=1321385722; x=1322595322; h=message-id:from:to:mime-version:subject:date; bh=dNKquQlYTH1SX9TuXqA/5xewDHSrAaFMfMX8esi2uXI=; b=EMzYmHoytvrRm3HE+pB2pg49O5daKtalI/9gN8uuuCi6Efk6kM8bx+CS EijFzPna4KEqLLV/r/OZPdXxGcEFXs5Jx/X7tHpyA0R1CzivY5fQBOy2D WfcAR0ede0iAHAj3/LIywPq8UG/eDJgP/DNItV2wFDHATNRzPvRBkCkXo 0=;
X-Files: cipher-summary.html : 18010
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AqIFAK+9wk6rRDoJ/2dsb2JhbABDp0qCJIEFggsBGoEfgSCgWYEmAZ5ZiS5jBIgTjB+FO4xg
X-IronPort-AV: E=Sophos; i="4.69,516,1315180800"; d="html'217?scan'217,208,217"; a="14398718"
Received: from mtv-core-4.cisco.com ([]) by mtv-iport-3.cisco.com with ESMTP; 15 Nov 2011 19:35:22 +0000
Received: from [] ([]) by mtv-core-4.cisco.com (8.14.3/8.14.3) with ESMTP id pAFJZHf1025902 for <cfrg@irtf.org>; Tue, 15 Nov 2011 19:35:21 GMT
Message-Id: <17C1DA88-4490-4DD9-A3F9-20DE54D54FE2@cisco.com>
From: David McGrew <mcgrew@cisco.com>
To: cfrg@irtf.org
Content-Type: multipart/mixed; boundary=Apple-Mail-900--518861941
Mime-Version: 1.0 (Apple Message framework v936)
Date: Tue, 15 Nov 2011 11:35:21 -0800
X-Mailer: Apple Mail (2.936)
Subject: [Cfrg] proposed RG action: draft-cfrg-cipher-catalog
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Nov 2011 19:35:27 -0000


I would like to propose the creation of an research group draft that  
describes all of the ciphers defined or used in IETF RFCs.  This draft  
should contain the basic facts about each cipher, including  
intellectual property considerations, and also describe its security  
properties, and provide authoritative references.   The most important  
security considerations are key size and block size (though we have  
two stream ciphers that accept IVs and one that does not), and  
probably the easiest way to deal with this is to describe the security  
ramifications of the different parameter choices, which puts each  
cipher into a rough category.  There are about twenty such ciphers  
(see the attached html table) and it will be valuable for CFRG to put  
together this information and ensure appropriate review.

There has been discussion in some IETF working groups about the  
addition of new standards-track ciphers.  CFRG should be providing  
technical input, but it is not the right place for discussion of  
standards.  I think a draft focusing on technical properties is the  
right contribution.

Let me know what you think.  Are you willing to participate as an  
editor, contributor, or reviewer?   Do you see any problems with this  
approach?   Anything missing from the outline above?   Comments  
especially welcome on the subject of security categorization.