Re: [CFRG] [EXT] IETF WG Interest in AES-GCM-SST

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Wed, 03 April 2024 13:56 UTC

From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Jonathan Lennox <jonathan.lennox42@gmail.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Date: Wed, 03 Apr 2024 13:56:31 +0000
Message-ID: <BN0P110MB14192D55538E9115BDB9A28F903DA@BN0P110MB1419.NAMP110.PROD.OUTLOOK.COM>
References: <CAKx+b+ZaqUfAQiLjkpWGgZAWRpVJYJtAm=v+-PVU1PMPP5Tu8Q@mail.gmail.com>
In-Reply-To: <CAKx+b+ZaqUfAQiLjkpWGgZAWRpVJYJtAm=v+-PVU1PMPP5Tu8Q@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/uV6gaDIihLd4RcDWDbBaZhIYMvA>

Is AES-GCM-SST still failing catastrophically when a nonce is re-used?

-- 
V/R, 
Uri 


From: CFRG <cfrg-bounces@irtf.org> on behalf of Jonathan Lennox <jonathan.lennox42@gmail.com>
Date: Wednesday, April 3, 2024 at 09:53
To: cfrg@irtf.org <cfrg@irtf.org>
Subject: [EXT] [CFRG] IETF WG Interest in AES-GCM-SST 


When AES-GCM-SST was presented at CFRG there were questions about whether there were working groups in the IETF that would use this work, so I thought I would provide one answer.

John Mattsson also presented his work on AES-GCM-SST in AVTCore at the Brisbane meeting.

There was substantial interest in the work, and if CFRG were to produce work meeting this profile, AVTCore would be very likely to adopt it for use in SRTP.

Concretely, we are interested in an AEAD with safe short tags and performance comparable to that of GCM. We will of course leave it to CFRG as to how best to accomplish this.

No one has used GCM-SST yet for SRTP as far as I am aware, so there is no concern for any already-existing implementations in this space.

One member also asked to what extent existing hardware support for GCM could be re-used for short tags; this may also be a design question for CFRG to consider.

Thanks!
Jonathan Lennox
AVTCore co-chair