[CFRG] Extract-and-expand with KMAC

John Mattsson <john.mattsson@ericsson.com> Sun, 15 November 2020 13:47 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/kJUSJQZYC2Z0hX-ed1rILALqh5s>

Hi,

HMAC is needed to mitigate the length extension weakness of SHA-2. SHAKE does not have this weakness and NIST has therefore standardized the simple and efficient KMAC mode.

LAKE WG is discussing using KMAC in an extract-and-expand fashion similar to HKDF. However, there are several options when mapping the HKDF Extract and Expand interfaces to KMAC(K, X, L, S).

Would the following be reasonable for KMAC128, or would CFRG suggest something else?

PRK = Extract(salt, IKM) = KMAC128(salt, IKM, 256, “”)
OKM = Expand(PRK, L, info)  = KMAC128(PRK, “”, L, info)

Or should maybe the Extract and Expand interfaces be updated with more parameters?

Cheers John
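
The two mappings proposed in the message above, written out as an added example that is not part of the original post or of any LAKE/CFRG document. It builds KMAC128 from Keccak-f[1600] following NIST SP 800-185; the function names (`sponge`, `bytepad_strings`, `kmac128`, `extract`, `expand`) are illustrative, and treating L as a bit length is an assumption, since the post does not state the unit.

```python
# Added example (not from the post): pure-Python KMAC128 per NIST SP 800-185.
def rol(x, n):
    return ((x << n) | (x >> (64 - n))) & (2**64 - 1)

def keccak_f(A):  # Keccak-f[1600]; lane (x, y) is A[x + 5*y]
    R = 1
    for _ in range(24):
        C = [A[x] ^ A[x+5] ^ A[x+10] ^ A[x+15] ^ A[x+20] for x in range(5)]
        D = [C[(x+4) % 5] ^ rol(C[(x+1) % 5], 1) for x in range(5)]
        A = [A[i] ^ D[i % 5] for i in range(25)]  # theta
        x, y, cur = 1, 0, A[1]
        for t in range(24):  # rho and pi
            x, y = y, (2*x + 3*y) % 5
            cur, A[x+5*y] = A[x+5*y], rol(cur, (t+1)*(t+2)//2 % 64)
        A = [A[i] ^ (~A[i-i%5+(i+1)%5] & A[i-i%5+(i+2)%5]) for i in range(25)]  # chi
        for j in range(7):  # iota: LFSR-generated round-constant bits
            R = ((R << 1) ^ ((R >> 7) * 0x71)) % 256
            A[0] ^= (R >> 1 & 1) << ((1 << j) - 1)
    return A

def sponge(msg, suffix, outlen, rate=168):  # 168-byte rate: SHAKE128/cSHAKE128
    p = bytearray(msg) + bytes([suffix]) + bytes(-(len(msg) + 1) % rate)
    p[-1] ^= 0x80  # final bit of pad10*1
    A, out = [0] * 25, b""
    for off in range(0, len(p), rate):
        for i in range(rate // 8):
            A[i] ^= int.from_bytes(p[off+8*i:off+8*i+8], "little")
        A = keccak_f(A)
    while len(out) < outlen:
        out += b"".join(lane.to_bytes(8, "little") for lane in A[:rate // 8])
        A = keccak_f(A)
    return out[:outlen]

def left_encode(x):
    n = max(1, (x.bit_length() + 7) // 8)
    return bytes([n]) + x.to_bytes(n, "big")
def bytepad_strings(*strings):  # bytepad(encode_string(s1) || ..., 168)
    z = left_encode(168) + b"".join(left_encode(8 * len(s)) + s for s in strings)
    return z + bytes(-len(z) % 168)

def kmac128(key, data, out_bits, custom=b""):
    enc = left_encode(out_bits)
    x = bytepad_strings(b"KMAC", custom) + bytepad_strings(key) + data
    return sponge(x + enc[1:] + enc[:1], 0x04, out_bits // 8)  # right_encode(L); cSHAKE suffix

def extract(salt, ikm):  # PRK = KMAC128(salt, IKM, 256, "")
    return kmac128(salt, ikm, 256)
def expand(prk, out_bits, info):  # OKM = KMAC128(PRK, "", L, info); L in bits (assumption)
    return kmac128(prk, b"", out_bits, info)
```

Because KMAC absorbs L into its input, `expand(prk, 128, info)` is not a prefix of `expand(prk, 256, info)`, unlike HKDF-Expand, so both endpoints must request exactly the same L.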