Re: [Cfrg] RGLC on draft-irtf-cfrg-chacha20-poly1305-01.txt

"Dan Harkins" <dharkins@lounge.org> Mon, 06 October 2014 21:06 UTC

Date: Mon, 06 Oct 2014 14:06:43 -0700
From: Dan Harkins <dharkins@lounge.org>
To: Yoav Nir <ynir.ietf@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/vKyjL1yd66fjdMWLRlRX6Zz5kwU
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] RGLC on draft-irtf-cfrg-chacha20-poly1305-01.txt


On Mon, October 6, 2014 1:13 am, Yoav Nir wrote:
> Hi.
>
> As co-author of the draft, it's no surprise that I think it's ready. So
> I'll just point out that:
>  - The algorithms described have been implemented multiple times, both by
> the authors and by others
>  - At least two implementations were done by following the draft (and the
> test vectors checked out)
>  - At least one browser (Google Chrome) has these algorithms running in
> production and used with the Google servers.
>
> So I guess we've got the "running code" part down.

  Very nice! It's good to see people with running code that implements
the proposals for which they are attempting to achieve rough consensus.
I guess we could call it "old school" :-)

  One suggestion is that since this takes a cipher and a separate MAC
function to create a composite, you should define this combined AEAD
mode to fit into the RFC 5116 AEAD abstraction. This will require a subtle
modification to section 2.8-- around formation of the AEAD, and
specification of maximal limits-- and the requisite IANA Considerations
in section 5.

  I understand that this is the CFRG and not any particular IETF WG
that produces standards for some protocol but given that you say your
running code includes some secure browser-to-server communication
it might be nice to include such a conversation (using, for example,
ssldump) as a separate test vector.

  regards,

  Dan.

> Yoav
>
> On Thu, Oct 2, 2014 at 3:45 PM, Alexey Melnikov
> <alexey.melnikov@isode.com>
> wrote:
>
>> The authors of "ChaCha20 and Poly1305 for IETF protocols",
>> draft-irtf-cfrg-chacha20-poly1305-01.txt believe the draft is ready for
>> a
>> RGLC.
>>
>> This starts a two week research group last call, to end on 17 Oct 2014.
>>
>> The draft is available at http://datatracker.ietf.org/
>> doc/draft-irtf-cfrg-chacha20-poly1305/
>>
>> Please do comment on the list, indicating whether you believe this draft
>> is ready for publication. Please send your comments, indication of
>> support
>> for the publication or objections to the publication to the mailing list
>> or
>> directly to the RG chairs (cfrg-chairs@tools.ietf.org).
>>
>> Alexey,
>> As a co-chair.
>>
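Dan's suggestion above, put into code: an added example (not from the draft, the thread or any of its participants) that exposes ChaCha20-Poly1305 through the RFC 5116 AEAD interface, encrypt(K, N, P, A) -> C and decrypt(K, N, C, A) -> P or FAIL, following the construction the draft was later published with in RFC 7539 (32-bit block counter, 96-bit nonce, Poly1305 one-time key from block 0, AAD and ciphertext each zero-padded to 16 bytes and followed by their 64-bit little-endian lengths). Pure Python, no third-party dependencies; test values in the comments below are the RFC 7539 vectors.

```python
import struct, hmac
def _rotl(v, c):
    return ((v << c) & 0xffffffff) | (v >> (32 - c))

def _quarter_round(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & 0xffffffff; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & 0xffffffff; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & 0xffffffff; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & 0xffffffff; s[b] = _rotl(s[b] ^ s[c], 7)

def chacha20_block(key, counter, nonce):
    # State: 4 constant words, 8 key words, 32-bit block counter, 3 nonce words (96-bit nonce).
    init = list(struct.unpack('<16I', b'expand 32-byte k' + key + struct.pack('<I', counter) + nonce)); s = init[:]
    for _ in range(10):  # 10 double rounds (column + diagonal) = 20 rounds
        for q in ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),
                  (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14)):
            _quarter_round(s, *q)
    return struct.pack('<16I', *[(x + y) & 0xffffffff for x, y in zip(s, init)])

def chacha20(key, counter, nonce, data):
    out = bytearray()
    for i in range(0, len(data), 64):
        ks = chacha20_block(key, counter + i // 64, nonce)
        out += bytes(x ^ y for x, y in zip(data[i:i + 64], ks))
    return bytes(out)

def poly1305(key, msg):
    r = int.from_bytes(key[:16], 'little') & 0x0ffffffc0ffffffc0ffffffc0fffffff  # clamped r
    s, p, acc = int.from_bytes(key[16:], 'little'), (1 << 130) - 5, 0
    for i in range(0, len(msg), 16):  # each block gets a 0x01 byte appended before conversion
        acc = ((acc + int.from_bytes(msg[i:i + 16] + b'\x01', 'little')) * r) % p
    return ((acc + s) & ((1 << 128) - 1)).to_bytes(16, 'little')

def _mac_input(aad, ct):
    pad = lambda b: b + b'\x00' * (-len(b) % 16)  # zero-pad each part to a 16-byte boundary
    return pad(aad) + pad(ct) + struct.pack('<QQ', len(aad), len(ct))

def aead_encrypt(key, nonce, plaintext, aad):
    """RFC 5116 encrypt: (K, N, P, A) -> C, with C = ciphertext || 16-byte tag."""
    otk = chacha20_block(key, 0, nonce)[:32]  # one-time Poly1305 key from block 0
    ct = chacha20(key, 1, nonce, plaintext)   # message keystream starts at block 1
    return ct + poly1305(otk, _mac_input(aad, ct))

def aead_decrypt(key, nonce, c, aad):
    """RFC 5116 decrypt: (K, N, C, A) -> P, or None (FAIL). Tag is verified before decrypting."""
    ct, tag = c[:-16], c[-16:]  # a too-short C yields a short tag and fails the comparison
    otk = chacha20_block(key, 0, nonce)[:32]
    if not hmac.compare_digest(poly1305(otk, _mac_input(aad, ct)), tag):
        return None
    return chacha20(key, 1, nonce, ct)
```

Decryption returns None rather than raising so the FAIL outcome of RFC 5116 is explicit; the caller never sees plaintext for a message whose tag did not verify.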