Re: [Cfrg] New UMAC Draft
Ted Krovetz <tdk@csus.edu> Sat, 01 October 2005 18:26 UTC
> I'm going away for a few days. In my absence, please run the
> following algorithm

Funny thing... It turns out they have the Internet in the cafes of San Francisco!

> Please define ``secure'' and then show us the proof of this claimed
> forgery-probability bound.

Dan, I suggest to you that we have strayed far from the point of this discussion. On September 9, Russ Housley asked if there were any ``cryptographic concerns'' with UMAC. You have stated your concerns and we have responded both online and with a revised Internet-Draft. Your concerns at this point no longer seem to me to be cryptographic in nature, but instead seem to be about history and process (ie, what bounds were claimed in the past and should RFCs be accompanied by formal proofs). Clearly you believe that an \e-SU hash family wed with AES makes a good MAC (witness Poly1305-AES). So, your demands for "show me the proof, show me the proof", peppered with "your bounds were inaccurate, your bounds were inaccurate" ring as hollow haranguing to me.

If you have any cryptographic concerns with our claim that UHASH is \e-SU or that it is wed appropriately with AES, please detail the worry (in any security model of your choosing). I contend that a proof that UHASH is \e-SU along with the proofs of Wegman, Carter and Bernstein should be enough for any cryptographer worth his salt to be satisfied enough to accept UMAC passing into an RFC.

If you don't think people should use UMAC or if you can find a weakness in any security model of your choosing, you are welcome to publish your findings in whatever forum you choose. But, please, in the meantime, keep your comments focussed on cryptographic concerns affecting UMAC's passing into an RFC.

Ciao from North Beach,
Ted Krovetz