Re: [Cfrg] [RFC] [DRAFT] eXtended-nonce ChaCha and AEAD_XChaCha20-Poly1305 (updated)

Scott Arciszewski <scott@paragonie.com> Thu, 11 October 2018 18:29 UTC

References: <CAKws9z3+4DftG5Ov=C3w-u=toaUj6_xOC1s_f5t+dx0fWObTxw@mail.gmail.com>
In-Reply-To: <CAKws9z3+4DftG5Ov=C3w-u=toaUj6_xOC1s_f5t+dx0fWObTxw@mail.gmail.com>
From: Scott Arciszewski <scott@paragonie.com>
Date: Thu, 11 Oct 2018 14:29:00 -0400
Message-ID: <CAKws9z0eoJqhXbf8U0Z9ZiCKbfGoK13R-REo2Yj=oJ_J7iSdmQ@mail.gmail.com>
To: cfrg@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/f9y-RBPWbKsDFu_vG4kW2IKR3UU>
Subject: Re: [Cfrg] [RFC] [DRAFT] eXtended-nonce ChaCha and AEAD_XChaCha20-Poly1305 (updated)

Good afternoon,

I've submitted another updated draft.

Based on feedback received via Github, this revision includes a
clarification about HPolyC's use of XChaCha12.

Additionally, I included copy-and-paste-friendly versions of the test
vectors to aid developers in writing their unit tests.

https://datatracker.ietf.org/doc/draft-arciszewski-xchacha/
https://github.com/bikeshedders/xchacha-rfc

At this point I'm comfortable with the state of the draft and would like to
move forward with the IESG process soon.

If anyone at CFRG has any remarks (positive, negative, or neutral), please
share them at your earliest convenience.

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com>


On Fri, Oct 5, 2018 at 1:36 PM Paragon Initiative Enterprises Security Team
<security@paragonie.com> wrote:

> Good afternoon,
>
> I've uploaded draft01, which contains some typo fixes and an additional
> test vector for XChaCha20 directly.
>
> https://datatracker.ietf.org/doc/draft-arciszewski-xchacha/
>
> If anyone would like to contribute to this document directly, its
> development is being facilitated on GitHub:
> https://github.com/bikeshedders/xchacha-rfc
>
> Of course, I'm also open to feedback/criticism via email as well.
>
> Scott Arciszewski
> Chief Development Officer
> Paragon Initiative Enterprises <https://paragonie.com>
>
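Added example, not code from the draft, from libsodium, or from the author: a minimal pure-Python HChaCha20 and XChaCha20, written to show how the draft's test vectors can be used in a unit test. It checks HChaCha20 against the draft's published vector (key 00..1f, nonce 00000009 0000004a 00000000 31415927, expected subkey 82413b42...26d3ecdc) and the underlying ChaCha20 block function against the RFC 8439 section 2.3.2 vector. The function names, the `counter` argument and the sample message are this example's own choices, not part of the draft.

```python
"""HChaCha20 / XChaCha20 reference-style implementation (added example).

Structure follows the draft: HChaCha20 runs the ChaCha20 rounds over a
state whose fourth row is the 16-byte nonce, and returns the first and
last rows WITHOUT adding the initial state.  XChaCha20 then runs normal
ChaCha20 (RFC 8439) with that 32-byte subkey and a 12-byte nonce made of
four zero bytes followed by the remaining 8 nonce bytes.
"""
import struct

MASK32 = 0xffffffff
SIGMA = (0x61707865, 0x3320646e, 0x79622d32, 0x6b206574)  # "expand 32-byte k"


def _rotl32(v, c):
    return ((v << c) & MASK32) | (v >> (32 - c))


def _quarter_round(s, a, b, c, d):
    # RFC 8439 section 2.1 quarter round, in place on a 16-word state
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl32(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl32(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl32(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl32(s[b] ^ s[c], 7)


def _chacha_rounds(state, rounds=20):
    # 10 column rounds interleaved with 10 diagonal rounds; returns a copy
    s = list(state)
    for _ in range(rounds // 2):
        _quarter_round(s, 0, 4, 8, 12)
        _quarter_round(s, 1, 5, 9, 13)
        _quarter_round(s, 2, 6, 10, 14)
        _quarter_round(s, 3, 7, 11, 15)
        _quarter_round(s, 0, 5, 10, 15)
        _quarter_round(s, 1, 6, 11, 12)
        _quarter_round(s, 2, 7, 8, 13)
        _quarter_round(s, 3, 4, 9, 14)
    return s


def _initial_state(key, row4):
    if len(key) != 32:
        raise ValueError("key must be 32 bytes")
    return list(SIGMA) + list(struct.unpack("<8I", key)) + list(row4)


def hchacha20(key, nonce16):
    """Derive a 32-byte subkey from a 32-byte key and a 16-byte nonce."""
    if len(nonce16) != 16:
        raise ValueError("HChaCha20 nonce must be 16 bytes")
    state = _initial_state(key, struct.unpack("<4I", nonce16))
    out = _chacha_rounds(state)
    # First and last rows only; note: no feed-forward addition here
    return struct.pack("<8I", *(out[0:4] + out[12:16]))


def chacha20_block(key, counter, nonce12):
    """RFC 8439 block function: 64 bytes of keystream for one counter."""
    if len(nonce12) != 12:
        raise ValueError("ChaCha20 nonce must be 12 bytes")
    row4 = (counter & MASK32,) + struct.unpack("<3I", nonce12)
    state = _initial_state(key, row4)
    out = _chacha_rounds(state)
    # Unlike HChaCha20, the block function adds the initial state back
    return struct.pack("<16I", *[(a + b) & MASK32 for a, b in zip(out, state)])


def chacha20_xor(key, counter, nonce12, data):
    """XOR data with the ChaCha20 keystream starting at block `counter`."""
    out = bytearray()
    for i in range(0, len(data), 64):
        keystream = chacha20_block(key, counter + i // 64, nonce12)
        out.extend(x ^ y for x, y in zip(data[i:i + 64], keystream))
    return bytes(out)


def xchacha20_xor(key, nonce24, data, counter=0):
    """XChaCha20 with a 24-byte nonce: HChaCha20 subkey + ChaCha20.

    `counter` is this example's parameter (the draft's AEAD use starts the
    ciphertext at block 1 after using block 0 for the Poly1305 key).
    """
    if len(nonce24) != 24:
        raise ValueError("XChaCha20 nonce must be 24 bytes")
    subkey = hchacha20(key, nonce24[:16])
    chacha_nonce = b"\x00" * 4 + nonce24[16:]
    return chacha20_xor(subkey, counter, chacha_nonce, data)


# Draft test vector inputs for HChaCha20 (key 00..1f, fixed 16-byte nonce)
DRAFT_KEY = bytes(range(32))
DRAFT_HNONCE = bytes.fromhex("000000090000004a0000000031415927")
DRAFT_SUBKEY = bytes.fromhex(
    "82413b4227b27bfed30e42508a877d73a0f9e4d58a74a853c12ec41326d3ecdc")


def draft_hchacha20_vector_passes():
    """Unit-test style check against the draft's HChaCha20 vector."""
    return hchacha20(DRAFT_KEY, DRAFT_HNONCE) == DRAFT_SUBKEY


if __name__ == "__main__":
    print("HChaCha20 draft vector:", "ok" if draft_hchacha20_vector_passes() else "FAIL")
    # Constructed sample: random-looking key/nonce bytes, short message
    k, n = bytes(range(0x80, 0xa0)), bytes(range(0x40, 0x58))
    ct = xchacha20_xor(k, n, b"constructed sample message")
    print("round trip:", xchacha20_xor(k, n, ct))
```

The draft's vector exercises exactly the detail implementers get wrong most often: HChaCha20 must not add the initial state back after the rounds, whereas the ChaCha20 block function must. A test that only checks encrypt/decrypt round-trips cannot catch that mistake, because both sides would make it symmetrically; the published subkey can.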