Re: [Cfrg] Second RGLC on "AES-GCM-SIV"

"Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> Fri, 19 January 2018 16:00 UTC

From: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
To: "cfrg@irtf.org" <cfrg@irtf.org>
CC: Alexey Melnikov <alexey.melnikov@isode.com>, Yehuda Lindell <Yehuda.Lindell@biu.ac.il>, Adam Langley <agl@imperialviolet.org>, Shay Gueron <shay.gueron@gmail.com>
Date: Fri, 19 Jan 2018 16:00:35 +0000
Message-ID: <FB4E92A0-B574-431B-82A7-E6AFD7E5A382@rhul.ac.uk>
References: <E16F508E-7C08-4DB2-A570-DDACC162F435@rhul.ac.uk>
In-Reply-To: <E16F508E-7C08-4DB2-A570-DDACC162F435@rhul.ac.uk>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/a_HK98ksnBo3DHfrkuI0tnwbqRY>
Subject: Re: [Cfrg] Second RGLC on "AES-GCM-SIV"

Hi,

One comment from me on the AES-GCM-SIV draft, with my co-chair hat on:

I believe it would be preferable if the final version of this draft were to also refer to the analysis of Bose-Hoang-Tessaro. It looks like the paper is now accepted to Eurocrypt 2018 (see https://eurocrypt.iacr.org/2018/acceptedpapers.html) so there should be a stable reference pretty soon. Perhaps in the "Security Considerations" section?

Thanks,

Kenny 


-----Original Message-----
From: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
Date: Tuesday, 16 January 2018 at 16:32
To: "cfrg@irtf.org" <cfrg@irtf.org>
Cc: Alexey Melnikov <alexey.melnikov@isode.com>, Yehuda Lindell <Yehuda.Lindell@biu.ac.il>, Adam Langley <agl@imperialviolet.org>, Shay Gueron <shay.gueron@gmail.com>
Subject: Second RGLC on "AES-GCM-SIV"

    Dear CFRG participants,
    
    This message starts a second 2-week RGLC on "AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption" (draft-irtf-cfrg-gcmsiv-07), that will end on January 30th. See https://datatracker.ietf.org/doc/draft-irtf-cfrg-gcmsiv for the latest version of the draft.
    
    We are having a second last call because, although there were only small changes to the draft in going from 06 to 07, we also had the benefit of new security analysis on the draft:
    
    http://www.cs.ucsb.edu/~tessaro/papers/BHT17.pdf
    
    We also had some productive discussion on the benefits of using POLYVAL versus GHASH during the previous last call period, with the thread beginning at:
    
    https://www.ietf.org/mail-archive/web/cfrg/current/msg09333.html
    
    
    Please send your comments, as well as expressions of support for publication as an RFC (or possible reasons for not doing so), in reply to this message or directly to the CFRG chairs. Your feedback will help the chairs decide whether the document is ready for review by the IRSG and subsequent publication as an RFC.
    
    Thank you,
    
    Alexey and Kenny