Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00

["Blumenthal, Uri - 0558 - MITLL" <uri@ll.mit.edu>]

Going to Phil's page gives the following. What is the relation between
"License 1" and "License 2"?


* License for Open-Source Software Implementations of OCB
<http://www.cs.ucdavis.edu/~rogaway/ocb/license1.pdf> (Jan 9, 2013) ‹
³License 1² 
Under this license, you are authorized to make, use, and distribute
open-source software implementations of OCB. This license terminates for
you if you sue someone over their open-source software implementation of
OCB claiming that you have a patent covering their implementation.
This is a non-binding summary of a legal document (the link above). The
parameters of the license are specified in the license document and that
document is controlling.

* General License for Non-Military Software Implementations OCB
<http://www.cs.ucdavis.edu/~rogaway/ocb/license2.pdf> (Jan 10, 2013). ‹
³License 2² 
This license does not authorize any military use of OCB. Aside from
military uses, you are authorized to make, use, and distribute (1) any
software implementation of OCB and (2) non-software implementations of OCB
for noncommercial or research purposes. You are required to include notice
of this license to users of your work so that they are aware of the
prohibition against military use. This license terminates for you if you
sue someone over an implementation of OCB authorized by this license
claiming that you have a patent covering their implementation.
This is a non-binding summary of a legal document (the link above). The
parameters of the license are specified in the license document and that
document is controlling.

P.S. GCM may be slower - but at least I don't need a law degree to figure
out what can be done with it.
P.P.S. My assembly skills are rusty, but I didn't find use of CLMUL in the
assembly code. Could you clarify whether only AES-NI instructions were
used, or CLMUL was used too? Tnx!

--
Regards,
Uri Blumenthal
<Disclaimer>



On 2/5/13 17:17 , "Ted Krovetz" <ted@krovetz.net> wrote:

>Phil has issued broad licenses for OCB, allowing open-source software
>implementations and software implementations in non-military contexts and
>non-commercial non-military hardware implementations. The licenses are at
>
>  http://www.cs.ucdavis.edu/~rogaway/ocb/license.htm
>
>It is my understanding -- correct me if I'm wrong -- that IP disclosures
>do not go directly in the RFC but instead get disclosed to the IETF along
>with the RFC submission. This has been done and the disclosures are at
>
>  
>https://datatracker.ietf.org/ipr/search/?option=document_search&id_documen
>t_tag=draft-krovetz-ocb
>
>There is a study of OCB performance vs other AE schemes which includes
>AES-NI on Westmere hardware.
>
>  http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-doc.htm
>  http://www.cs.ucdavis.edu/~rogaway/ocb/performance
>
>These have not been updated for Sandy Bridge or Ivy Bridge. I can tell
>you that under Sandy Bridge OCB takes just 0.87 cycles per byte when
>processing 4KB messages. The fastest GHASH implementation I know about is
>Andy Polyakov's OpenSSL implementation that runs at 2.0 cycles per byte
>(just for GCM's hashing, you'd have to add the cost of encryption to get
>GCM's overall speed). Sandy Bridge and Ivy Bridge did not improve
>PCLMULQDQ performance but did improve AESENC performance, meaning that
>Sandy and Ivy improved OCB's performance much more than GCM's.
>
>-Ted
>
>
>_______________________________________________
>Cfrg mailing list
>Cfrg@irtf.org
>http://www.irtf.org/mailman/listinfo/cfrg