Re: [Cfrg] Adopting "AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption" as a CFRG document

"Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> Mon, 18 April 2016 09:29 UTC

From: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
To: "cfrg@irtf.org" <cfrg@irtf.org>
Thread-Topic: Adopting "AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption" as a CFRG document
Thread-Index: AQHRiP7+wUFnuBtreUe1MCzt43wYjp+PqI2A
Date: Mon, 18 Apr 2016 09:29:16 +0000
Message-ID: <D33A675F.6A562%kenny.paterson@rhul.ac.uk>
References: <D31EFD69.68456%kenny.paterson@rhul.ac.uk>
In-Reply-To: <D31EFD69.68456%kenny.paterson@rhul.ac.uk>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/xwug9I18svvw6wlTEM2M4IU0v3Q>
Cc: Yehuda Lindell <Yehuda.Lindell@biu.ac.il>, Adam Langley <agl@google.com>
Subject: Re: [Cfrg] Adopting "AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption" as a CFRG document
List-Id: Crypto Forum Research Group <cfrg.irtf.org>

Dear CFRG,

Chairs had asked for discussion on whether the AES-GCM-SIV document should
be adopted as a CFRG document (see below). The chairs have been following
the ensuing discussions with interest. Taking all the discussion into
account, our view is that there is rough consensus to adopt the
AES-GCM-SIV draft as a CFRG document.

Regards,

Kenny (for the chairs)



On 28/03/2016 15:34, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> wrote:

>Dear CFRG,
>
>Shay, Adam and Yehuda have asked the CFRG chairs whether their draft for
>AES-GCM-SIV can be adopted as a CFRG document. We are minded to do so, but
>first wanted to canvass members of the group for their opinions on taking
>this step.
>
>We are aware of the on-going CAESAR competition for AEAD schemes.
>AES-GCM-SIV is not a CAESAR candidate. CFRG adopting this document should
>not be interpreted as competing with or pre-empting the results of that
>very valuable activity. Indeed, once CAESAR is complete, we hope that some
>or all of the competition winners will end up being turned into RFCs under
>the auspices of CFRG.
>
>Regards,
>
>Kenny (for the chairs)
>
>
>On 06/03/2016 03:50, "Cfrg on behalf of Shay Gueron"
><cfrg-bounces@irtf.org on behalf of shay.gueron@gmail.com> wrote:
>
>>Hello CFRG,
>>
>>We would like to draw your attention to our new submission draft entitled
>>“AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption”. Posted on
>>https://www.ietf.org/internet-drafts/draft-gueron-gcmsiv-00.txt
>>
>>The submission specifies two authenticated encryption algorithms that are
>>nonce misuse-resistant. Their performance is expected to be roughly on
>>par with AES-GCM, when run on modern processors that have AES instructions.
>>
>>Security and performance analysis can be found in S. Gueron and Y.
>>Lindell. GCM-SIV: Full Nonce Misuse-Resistant Authenticated Encryption at
>>Under One Cycle per Byte. In 22nd ACM CCS, pages 109-119, 2015.
>>
>>We hope that the CFRG will take this up as a working-group item.
>>
>>Thank you,
>>
>>Shay Gueron, Adam Langley, Yehuda Lindell