Re: [Cfrg] SIV for non-AES ciphers first draft

Paul Lambert <plambert@usfca.edu> Mon, 26 November 2018 08:07 UTC

From: Paul Lambert <plambert@usfca.edu>
In-Reply-To: <0D91AF7A-F26F-4E20-A009-B7D75BF8107D@gmail.com>
Date: Mon, 26 Nov 2018 00:07:58 -0800
Cc: cfrg@ietf.org
Message-Id: <A7D10A25-1DC1-4633-A745-64EF35BD1F8B@usfca.edu>
References: <0D91AF7A-F26F-4E20-A009-B7D75BF8107D@gmail.com>
To: Neil Madden <neil.e.madden@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/nQW2x0BMVe7AllzUm3odKsijVYY>

On the draft …
Given the benefits of Blake2 and its similar construction to ChaCha, why not use Blake2 instead of HMAC-SHA-256?

Paul


> On Nov 22, 2018, at 9:22 AM, Neil Madden <neil.e.madden@gmail.com> wrote:
> 
> I have now uploaded a (very rough) first draft describing how to extend the SIV mode of operation to non-AES ciphers and MACs, as previously discussed on this list.
> 
> The I-D is available here: https://datatracker.ietf.org/doc/draft-madden-generalised-siv/
> The source is on Github here: https://github.com/NeilMadden/draft-madden-generalised-siv
> 
> Feedback welcome. Hopefully I’ve managed to wrestle xml2rfc to produce the right output.
> 
> Kind regards,
> 
> Neil Madden
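To make the question concrete, here is an added example (not code from the draft, nor from either poster) of an SIV-style construction over ChaCha20 in which the PRF that produces the synthetic IV is pluggable, so HMAC-SHA-256 and keyed BLAKE2b can be swapped without touching anything else. The length-prefixed encoding standing in for S2V, the 32-byte tag, and the use of the tag's first 96 bits as the ChaCha20 nonce are this example's own assumptions, not the draft's specification; ChaCha20 is implemented inline so the block runs on the standard library alone.

```python
import hashlib, hmac, struct

M = 0xFFFFFFFF

def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & M

def _qr(s, a, b, c, d):
    # ChaCha quarter round (RFC 8439, section 2.1)
    s[a] = (s[a] + s[b]) & M; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & M; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & M; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & M; s[b] = _rotl(s[b] ^ s[c], 7)

def chacha20_block(key, counter, nonce):
    # 32-byte key, 32-bit block counter, 12-byte nonce -> one 64-byte keystream block
    st = list(struct.unpack("<16I", b"expand 32-byte k" + key + struct.pack("<I", counter) + nonce))
    w = st[:]
    for _ in range(10):  # 20 rounds = 10 x (column round, diagonal round)
        _qr(w, 0, 4, 8, 12); _qr(w, 1, 5, 9, 13); _qr(w, 2, 6, 10, 14); _qr(w, 3, 7, 11, 15)
        _qr(w, 0, 5, 10, 15); _qr(w, 1, 6, 11, 12); _qr(w, 2, 7, 8, 13); _qr(w, 3, 4, 9, 14)
    return struct.pack("<16I", *[(x + y) & M for x, y in zip(st, w)])

def chacha20_xor(key, nonce, data):
    out = bytearray()
    for i in range(0, len(data), 64):
        ks = chacha20_block(key, i // 64, nonce)
        out += bytes(x ^ y for x, y in zip(data[i:i + 64], ks))
    return bytes(out)

# The two PRF candidates from the thread; each maps (key, message) to 32 bytes.
def prf_hmac_sha256(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def prf_blake2b(key, msg):
    return hashlib.blake2b(msg, key=key, digest_size=32).digest()

def _s2v_input(ad, pt):
    # Assumed length-prefixed encoding of (associated data, plaintext), a stand-in for S2V
    return struct.pack(">Q", len(ad)) + ad + struct.pack(">Q", len(pt)) + pt

def siv_encrypt(prf, mac_key, enc_key, ad, pt):
    tag = prf(mac_key, _s2v_input(ad, pt))            # synthetic IV over AD and plaintext
    return tag + chacha20_xor(enc_key, tag[:12], pt)  # tag's first 96 bits become the nonce

def siv_decrypt(prf, mac_key, enc_key, ad, ct):
    tag, body = ct[:32], ct[32:]
    pt = chacha20_xor(enc_key, tag[:12], body)        # SIV order: decrypt, then verify
    if not hmac.compare_digest(prf(mac_key, _s2v_input(ad, pt)), tag):
        raise ValueError("authentication failed")
    return pt
```

Because the IV is derived from the message, encryption is deterministic and nonce-misuse resistant under either PRF; the only behavioural difference between the two choices is the tag itself, which is why the PRF can be an independent design decision.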