IETF Logo Mail Archive

Re: [Cfrg] VMAC Internet-Draft Available

David McGrew <mcgrew@cisco.com> Wed, 02 May 2007 20:46 UTC

Return-path: <cfrg-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HjLj0-0002CX-BD; Wed, 02 May 2007 16:46:58 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HjLiy-0002B6-Aw for cfrg@ietf.org; Wed, 02 May 2007 16:46:56 -0400
Received: from sj-iport-6.cisco.com ([171.71.176.117]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HjLiu-0005AK-UX for cfrg@ietf.org; Wed, 02 May 2007 16:46:56 -0400
Received: from sj-dkim-1.cisco.com ([171.71.179.21]) by sj-iport-6.cisco.com with ESMTP; 02 May 2007 13:46:52 -0700
X-IronPort-AV: i="4.14,482,1170662400"; d="scan'208"; a="143561967:sNHT48883437"
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id l42Kkq2x027372; Wed, 2 May 2007 13:46:52 -0700
Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id l42KkqEi015795; Wed, 2 May 2007 20:46:52 GMT
Received: from xfe-sjc-212.amer.cisco.com ([171.70.151.187]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 2 May 2007 13:46:52 -0700
Received: from [192.168.2.100] ([10.32.254.210]) by xfe-sjc-212.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 2 May 2007 13:46:51 -0700
In-Reply-To: <7DCE3EFF-BA9C-46E5-80C9-06A020E02AF7@acm.org>
References: <7DCE3EFF-BA9C-46E5-80C9-06A020E02AF7@acm.org>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <5418320A-6B46-4190-85EC-B1E0C29490C7@cisco.com>
Content-Transfer-Encoding: 7bit
From: David McGrew <mcgrew@cisco.com>
Subject: Re: [Cfrg] VMAC Internet-Draft Available
Date: Wed, 02 May 2007 13:46:49 -0700
To: Ted Krovetz <tdk@acm.org>
X-Mailer: Apple Mail (2.752.2)
X-OriginalArrivalTime: 02 May 2007 20:46:51.0712 (UTC) FILETIME=[02ED1400:01C78CFB]
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=3552; t=1178138812; x=1179002812; c=relaxed/simple; s=sjdkim1004; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mcgrew@cisco.com; z=From:=20David=20McGrew=20<mcgrew@cisco.com> |Subject:=20Re=3A=20[Cfrg]=20VMAC=20Internet-Draft=20Available |Sender:=20; bh=W5T/m28PX9f+pFMz7zCkYXOJDFer3GW1IsUGZItFOw0=; b=FIop64A0FO6ihdaJj3YB4wQCJt2JD7Ys4kgCILuT5R7wt1FZG5qQWWm5ZaQBqaMDKP+op2Wy CmkASO3QX1oBMTMwyOdkvz19No6Vgno+wIXhVgVA+WqRlXlKc4fUmAxM6BJ9SMJJGxSF9CxE8s ImJ4t8tHRoR9WvTbZs9k8N+0w=;
Authentication-Results: sj-dkim-1; header.From=mcgrew@cisco.com; dkim=pass ( sig from cisco.com/sjdkim1004 verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0fa76816851382eb71b0a882ccdc29ac
Cc: cfrg@ietf.org
X-BeenThere: cfrg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:cfrg@ietf.org>
List-Help: <mailto:cfrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=subscribe>
Errors-To: cfrg-bounces@ietf.org

Hi Ted,

thanks for posting.  I have not had a chance to read over it in  
detail yet, but I look forward to that.

I do have a quick question, though.  What would change if the high  
level structure were modified to something like Tag = F_K2(H_K1(M))?   
As you probably guessed, the reason that I ask is that I believe that  
there are applications that would be interested in alternatives to  
HMAC, but which would prefer to use a MAC that does not require a  
sequence number.

David

On Apr 24, 2007, at 10:32 AM, Ted Krovetz wrote:

> A new Internet-Draft is available for VMAC. The draft and reference  
> code are available at
>
>   http://fastcrypto.org/vmac
>
> VMAC is a message authentication code that is extremely fast on 64- 
> bit little-endian machines, and pretty fast on other architectures.  
> The primary goals of VMAC are:
>
> * High speed on 64-bit architectures. The table below gives sample  
> performance on several architectures. The code that generated these  
> numbers is written in C with a small amount of inline assembly.  
> Optimizing for other architectures requires as little as writing  
> efficient 64-bit multiplication, 128-bit addition and 64-bit byte- 
> swapping routines.
>
>                                           64-bit Tags     128-bit Tags
>         Bits/Endian/Architecture         64  512   4K     64  512   4K
>     ---------------------------------+-----+----+-----+-----+----+----
>     64/LE/AMD Athlon 64 "Manchester" |  6.0  1.1  0.5 |  7.0  1.6  0.9
>     64/LE/Intel Core 2 "Merom"       |  5.9  1.2  0.6 |  6.9  1.7  1.1
>     64/BE/IBM PowerPC 970FX          | 10.1  2.5  1.6 | 11.4  3.8  3.0
>     32/LE/Intel Core 2 "Merom"       |  8.3  2.2  1.4 | 11.1  3.6  2.8
>     32/LE/Intel NetBurst "Nocona"    | 15.0  4.4  3.1 | 18.9  7.1  5.8
>     32/BE/Freescale PowerPC 7457     | 15.3  6.4  5.3 | 22.1 11.2 10.0
>     32/LE/Embedded ARM v5te core     | 39.9 13.1 10.1 | 53.6 22.9 19.8
>     ---------------------------------+-----+----+-----+-----+----+----
>     Table: Tag generation speed measured in CPU cycles per message
>     byte, for cache-resident messages of length 64, 512 and 4K bytes.
>     Architectures are listed as register-size/endianness/model.
>
> * Reduction of per-session memory requirement over UMAC (A VMAC  
> predecessor). Whereas UMAC required 1080 bytes of internal key to  
> produce 64-bit authentication tags, VMAC uses 160 bytes. (If one  
> were to increase VMAC's internal key to the same as UMAC's, peak  
> speeds would be as low as 0.3 CPU cycles per byte.)
>
> * Retention of the virtues of UMAC: no intellectual-property  
> claims, provable security, flexibility between normal-security tags  
> (64-bit) and high-security tags (128-bit).
>
> VMAC was introduced at the Selected Areas of Cryptography 2006  
> conference. Special thanks go to Wei Dai, a very talented crypto  
> programmer. He read the SAC paper and then made significant  
> contributions to the VMAC design (increasing speed and security)  
> and code (resulting in the speeds reported here).
>
> A security note is being written and will be available on eCrypt  
> and the VMAC website later this summer. Any comments you may have  
> would be most welcome.
>
> Thank you,
> Ted Krovetz
> Computer Science Department
> California State University, Sacramento
>
>
> _______________________________________________
> Cfrg mailing list
> Cfrg@ietf.org
> https://www1.ietf.org/mailman/listinfo/cfrg

_______________________________________________
Cfrg mailing list
Cfrg@ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg

v2.23.0 | Report a Bug | By Email