[CFRG] Re: We would like to have your feedback!
Tushar Patel <tjpatel.tl@gmail.com> Fri, 27 September 2024 20:16 UTC
I would recommend holding this off until both the 3rd Conf on Block Ciphers and the Accordion contests start and finalize. There are many good solutions that can address these issues, and in correctness one shoe fits all cannot apply to so many cryptography applications.

Just on one note, there are hardware acceleration requirements and other items to plan in, and SHA-3 does have some partial information that needs clarification in the context of cipher-modes, e.g., how would a hash improve anything over the AES-GCM random IV? It still will be 96-bits to 128-bits and the hash will not improve it. On the other hand, a cipher-mode change for AEAD with a new definition for the MAC key and an increase in the MAC tag size can be very helpful. Also, the problem of random IVs has been solved by many, including my incubation atnacipher.com.

Thx.,
Tushar

On Fri, Sep 27, 2024 at 12:31 PM Bas Westerbaan <bas=40cloudflare.com@dmarc.ietf.org> wrote:

> Thanks for the heads up, Quynh. We sent the following comments.
>
> Cloudflare appreciates the opportunity to comment on NIST’s proposal to update SP 800-185.
>
> NIST is considering whether to specify and approve one or more SHA-3 derived functions for AEAD. Currently approved encryption methods such as AES-GCM are challenging and error-prone to deploy, primarily because of strict limits of encryption when using random nonces. An approved AEAD that can be used safely with random nonces would be of great benefit to us.
>
> We do not have a preference whether this AEAD should be based on SHA-3 or AES. If it would be based on SHA3, we suggest NIST uses the 12-round permutation, put forward by the Keccak team in 2016 and reconfirmed [1] in 2022.
>
> We agree with NIST’s proposal to add a streaming XOF specification. This matches many modern use cases of XOFs.
>
> [1] https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/t95kZqnbS4Q/m/E8VGP0juAwAJ
>
> On Sat, Sep 7, 2024 at 12:02 PM Dang, Quynh H. (Fed) <quynh.dang=40nist.gov@dmarc.ietf.org> wrote:
>
>> Hi SAAG and CFRG,
>>
>> NIST is considering whether to specify and approve one or more SHA-3 derived functions for authenticated encryption with associated data in a new, separate Special Publication. The announcement is here: https://csrc.nist.gov/News/2024/proposal-to-update-fips-202-and-revise-sp-800-185
>>
>> We would like to have your comments/suggestions by October 7, 2024. They should be sent to cryptopubreviewboard@nist.gov with "Comments on FIPS 202 Decision Proposal" or “Comments on SP 800-185 Decision Proposal” in the subject line.
>>
>> More information is available on the website above.
>>
>> Regards,
>>
>> Quynh.
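The "strict limits" with random nonces that Bas mentions, and the 96-bit IV that Tushar points to, both come down to the birthday bound on nonce collisions under one key. The following Python helper is an added example and is not part of the thread; it computes that bound and the message budget for a chosen collision risk (the 2^-32 risk level is the one NIST SP 800-38D uses to cap random-IV AES-GCM at 2^32 invocations per key).

```python
import math

# NIST SP 800-38D: with random (RBG-based) 96-bit IVs, at most 2^32 invocations per key.
NIST_RANDOM_IV_LIMIT = 2 ** 32


def collision_probability(nonce_bits: int, messages: int) -> float:
    """Probability that at least two of `messages` uniformly random nonces
    of `nonce_bits` bits coincide (birthday bound, 1 - exp(-n(n-1)/2N))."""
    space = 2 ** nonce_bits
    exponent = messages * (messages - 1) / (2 * space)
    # -expm1(-x) keeps precision for very small x (which is the interesting regime).
    return -math.expm1(-exponent)


def max_messages(nonce_bits: int, max_prob: float) -> int:
    """Largest number of random nonces that keeps the collision probability
    at or below `max_prob` (uses the n^2 / 2N approximation, so it is slightly
    optimistic; NIST's 2^32 figure is the conservative rounding of this)."""
    return int(math.sqrt(2.0 * (2 ** nonce_bits) * max_prob))


def budget_report(nonce_bits: int, messages: int) -> dict:
    """Summarise the per-key risk of sending `messages` under random nonces.
    'within_nist_limit' only makes sense for 96-bit IVs, which is what the
    SP 800-38D cap is defined for."""
    return {
        "nonce_bits": nonce_bits,
        "messages": messages,
        "collision_probability": collision_probability(nonce_bits, messages),
        "within_nist_limit": nonce_bits == 96 and messages <= NIST_RANDOM_IV_LIMIT,
    }


if __name__ == "__main__":
    # Constructed comparison: same per-key message count, 96-bit vs 128-bit random nonces.
    for bits in (96, 128):
        print(budget_report(bits, 2 ** 32))
        print(bits, "bits, p<=2^-32 allows about", max_messages(bits, 2 ** -32), "messages")
```

Note that hashing a 96-bit random value into a longer nonce does not change the first line of the report: the collision space is set by the entropy drawn, not by the output length.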