Re: [Cfrg] Adopting "AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption" as a CFRG document

David McGrew <mcgrew@cisco.com> Mon, 28 March 2016 15:53 UTC

From: David McGrew <mcgrew@cisco.com>
In-Reply-To: <D31EFD69.68456%kenny.paterson@rhul.ac.uk>
Date: Mon, 28 Mar 2016 11:50:53 -0400
Message-Id: <DB57E803-7A6A-43E1-B2D2-6FBD96A3106F@cisco.com>
References: <D31EFD69.68456%kenny.paterson@rhul.ac.uk>
To: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/qB9oJZU3c2FXpQGHOXWIRmKDQig>
Cc: Yehuda Lindell <Yehuda.Lindell@biu.ac.il>, "cfrg@irtf.org" <cfrg@irtf.org>, Adam Langley <agl@google.com>
Subject: Re: [Cfrg] Adopting "AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption" as a CFRG document

Hi Kenny,

> On Mar 28, 2016, at 10:34 AM, Paterson, Kenny <Kenny.Paterson@rhul.ac.uk> wrote:
> 
> Dear CFRG,
> 
> Shay, Adam and Yehuda have asked the CFRG chairs whether their draft for
> AES-GCM-SIV can be adopted as a CFRG document. We are minded to do so, but
> first wanted to canvass members of the group for their opinions on taking
> this step.
> 

I support taking on this draft as an RG item, and I offer to review it and offer some detailed comments.  

best

David

> We are aware of the on-going CAESAR competition for AEAD schemes.
> AES-GCM-SIV is not a CAESAR candidate. CFRG adopting this document should
> not be interpreted as competing with or pre-empting the results of that
> very valuable activity. Indeed, once CAESAR is complete, we hope that some
> or all of the competition winners will end up being turned into RFCs under
> the auspices of CFRG.
> 
> Regards,
> 
> Kenny (for the chairs)
> 
> 
> On 06/03/2016 03:50, "Cfrg on behalf of Shay Gueron"
> <cfrg-bounces@irtf.org on behalf of shay.gueron@gmail.com> wrote:
> 
>> Hello CFRG,
>> 
>> 
>> We would like to draw your attention to our new submission draft entitled
>> “AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption”. Posted on
>> https://www.ietf.org/internet-drafts/draft-gueron-gcmsiv-00.txt
>> 
>> The submission specifies two authenticated encryption algorithms that are
>> nonce misuse-resistant. Their performance is expected to be roughly on
>> par with AES-GCM, when run on modern processors that have AES instructions.
>> 
>> Security and performance analysis can be found in S. Gueron and Y.
>> Lindell. GCM-SIV: Full Nonce Misuse-Resistant Authenticated Encryption at
>> Under One Cycle per Byte. In 22nd ACM CCS, pages 109-119, 2015.
>> 
>> We hope that the CFRG will take this up as a working-group item.
>> 
>> Thank you,
>> 
>> 
>> Shay Gueron, Adam Langley, Yehuda Lindell