Re: [Cfrg] Adopting "AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption" as a CFRG document

"Dan Harkins" <dharkins@lounge.org> Mon, 28 March 2016 16:37 UTC


On Mon, March 28, 2016 7:34 am, Paterson, Kenny wrote:
> Dear CFRG,
>
> Shay, Adam and Yehuda have asked the CFRG chairs whether their draft for
> AES-GCM-SIV can be adopted as a CFRG document. We are minded to do so, but
> first wanted to canvass members of the group for their opinions on taking
> this step.

  I am in favor of adoption of this draft as a CFRG document.

  regards,

  Dan.

> We are aware of the on-going CAESAR competition for AEAD schemes.
> AES-GCM-SIV is not a CAESAR candidate. CFRG adopting this document should
> not be interpreted as competing with or pre-empting the results of that
> very valuable activity. Indeed, once CAESAR is complete, we hope that some
> or all of the competition winners will end up being turned into RFCs under
> the auspices of CFRG.
>
> Regards,
>
> Kenny (for the chairs)
>
>
> On 06/03/2016 03:50, "Cfrg on behalf of Shay Gueron"
> <cfrg-bounces@irtf.org on behalf of shay.gueron@gmail.com> wrote:
>
>>Hello CFRG,
>>
>>
>>We would like to draw your attention to our new submission draft entitled
>>“AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption”. Posted on
>>https://www.ietf.org/internet-drafts/draft-gueron-gcmsiv-00.txt
>>
>>The submission specifies two authenticated encryption algorithms that are
>>nonce misuse-resistant. Their performance is expected to be roughly on
>>par with AES-GCM, when run on modern processors that have AES instructions.
>>
>>Security and performance analysis can be found in S. Gueron and Y.
>>Lindell. GCM-SIV: Full Nonce Misuse-Resistant Authenticated Encryption at
>>Under One Cycle per Byte. In 22nd ACM CCS, pages 109-119, 2015.
>>
>>We hope that the CFRG will take this up as a working-group item.
>>
>>Thank you,
>>
>>
>>Shay Gueron, Adam Langley, Yehuda Lindell