Re: [Cfrg] Encrypt in place guidance

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Wed, 01 April 2020 16:14 UTC

Return-Path: <prvs=136048fdfc=uri@ll.mit.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD8CC3A1217 for <cfrg@ietfa.amsl.com>; Wed, 1 Apr 2020 09:14:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.62
X-Spam-Level:
X-Spam-Status: No, score=-1.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.276, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id InWFqM1Dsn_U for <cfrg@ietfa.amsl.com>; Wed, 1 Apr 2020 09:14:52 -0700 (PDT)
Received: from llmx3.ll.mit.edu (LLMX3.LL.MIT.EDU [129.55.12.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68DD13A1215 for <cfrg@irtf.org>; Wed, 1 Apr 2020 09:14:52 -0700 (PDT)
Received: from LLE2K16-MBX04.mitll.ad.local (LLE2K16-MBX04.mitll.ad.local) by llmx3.ll.mit.edu (unknown) with ESMTPS id 031GEjaP015472; Wed, 1 Apr 2020 12:14:45 -0400
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Leo Perrin <leo.perrin@inria.fr>
CC: "noloader@gmail.com" <noloader@gmail.com>, cfrg <cfrg@irtf.org>
Thread-Topic: [Cfrg] Encrypt in place guidance
Thread-Index: AQHWCEBD0stjZkQJPEKrD3gOeev7b6hks9oA
Date: Wed, 1 Apr 2020 16:14:44 +0000
Message-ID: <A84246B3-194F-4152-B4E2-4FFCAD2A8CBB@ll.mit.edu>
References: <273890572.24433090.1585757442539.JavaMail.zimbra@inria.fr>
In-Reply-To: <273890572.24433090.1585757442539.JavaMail.zimbra@inria.fr>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
Content-Type: multipart/signed; boundary="Apple-Mail-4DE320D4-1042-401F-87D8-E73B1EAA1E01"; protocol="application/pkcs7-signature"; micalg=sha-256
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.676 definitions=2020-04-01_03:2020-03-31, 2020-04-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2002250000 definitions=main-2004010141
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/yA4hqvbDZzgj2Jx1vLXFw7zo-Vw>
Subject: Re: [Cfrg] Encrypt in place guidance
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Apr 2020 16:14:54 -0000

The clue may lie in the specifics of their use case(s) and the corresponding threat models. 

Regards,
Uri

Sent from my iPhone

> On Apr 1, 2020, at 12:11, Leo Perrin <leo.perrin@inria.fr> wrote:
> 
> 
>> The ISO eventually adopted Simon and Speck in other standards,
>> however. ISO/29167-21 (for Simon) and ISO/29167-22 (for Speck). The
>> 29167 ISO has something to do with RFID.
> 
> In that standard (29167), SIMON and SPECK are in good company with... the "XOR encryption" (29167-15), i.e. the XOR of a fixed string. Being included in that standard is then obviously *not* a sign of trustworthiness. 
> 
> To be fair, it is not a sign of untrustworthiness either. In fact, 29167 seems to be intended to contain everything as good algorithms can also be found in it: PRESENT is 29167-11, Grain is 29167-13, and the AES is 29167-14. Why did they standardize "XOR encryption"? Why do so after standardizing the AES? I don't have the slightest clue.
> 
> 
> /Léo
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg