Re: [core] Chairs' review of draft-ietf-core-stateless-03.txt

Carsten Bormann <cabo@tzi.org> Sat, 02 November 2019 20:12 UTC

From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <913.1572725390@localhost>
Date: Sat, 02 Nov 2019 21:12:33 +0100
Cc: Thomas Fossati <Thomas.Fossati@arm.com>, Core WG mailing list <core@ietf.org>
Message-Id: <1185AA69-06DD-47D5-9310-10CA4001CE83@tzi.org>
References: <157237477119.11043.4363082013315464920@ietfa.amsl.com> <F964F5EF-96F7-49EC-BECB-0604B16F31FF@tzi.org> <27A826D9-5F28-4044-BE61-E7CD1C05EA90@arm.com> <913.1572725390@localhost>
To: Michael Richardson <mcr@sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/Tp8-F2i2T75931dCVwuYXzqCrxs>

On Nov 2, 2019, at 21:09, Michael Richardson <mcr@sandelman.ca> wrote:
> 
> Thomas Fossati <Thomas.Fossati@arm.com> wrote:
>> Quibbles aside, the document recommends CCM -- over other AEAD
>> constructions -- and does so consciously, I think, to provide the best
>> trade-off between overall security, wire efficiency and processing cost.
> 
> … because CCM is most likely to be available accelerated in small devices?

It is used both in 802.15.4 and WiFi, so you are likely to have some support.
Whether that is easily accessible from the application layer is another question.
It is slightly more robust against nonce reuse than, say, GCM (reuse only jeopardizes the confidentiality of the two data items encrypted with the same nonce, instead of essentially giving away your hash key as with GCM).
It also has been out for a while, so implementations tend to be mature.

Grüße, Carsten
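
The confidentiality side of the nonce-reuse remark above, as an added example that is not part of the original message: in a counter-mode AEAD such as CCM, two ciphertexts under the same key and nonce XOR to the XOR of their plaintexts, while items under other nonces are unaffected. Assumptions: HMAC-SHA256 stands in for AES counter mode, the CCM authentication tag is omitted, and the key, nonces and plaintexts are constructed sample values.

```python
import hashlib
import hmac
from collections import defaultdict

def keystream(key, nonce, length):
    # Assumption: HMAC-SHA256 over (nonce || block counter) stands in for
    # AES in counter mode; what matters is that it depends only on (key, nonce).
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key, nonce, plaintext):
    # Counter-mode encryption (decryption is the same operation).
    return xor(plaintext, keystream(key, nonce, len(plaintext)))

def reused_nonce_groups(records):
    # records: list of (nonce, ciphertext) pairs produced under one key.
    # Returns the groups of record indices that share a nonce, i.e. the
    # items whose confidentiality is affected by the reuse.
    by_nonce = defaultdict(list)
    for idx, (nonce, _) in enumerate(records):
        by_nonce[nonce].append(idx)
    return [idxs for idxs in by_nonce.values() if len(idxs) > 1]

# Constructed sample data: 13-byte nonces, the second one repeats the first.
KEY = bytes(range(16))
PLAINTEXTS = [b"state: observe=1", b"state: observe=0", b"state: block2=42"]
NONCES = [b"\x00" * 12 + b"\x01", b"\x00" * 12 + b"\x01", b"\x00" * 12 + b"\x02"]
RECORDS = [(n, encrypt(KEY, n, p)) for n, p in zip(NONCES, PLAINTEXTS)]

if __name__ == "__main__":
    for group in reused_nonce_groups(RECORDS):
        a, b = group[0], group[1]
        leak = xor(RECORDS[a][1], RECORDS[b][1])
        print("records", group, "share a nonce")
        print("c_a XOR c_b == p_a XOR p_b:",
              leak == xor(PLAINTEXTS[a], PLAINTEXTS[b]))
    # Record 2 used a fresh nonce: XOR with record 0 reveals nothing useful.
    print("unaffected record leaks:",
          xor(RECORDS[0][1], RECORDS[2][1]) == xor(PLAINTEXTS[0], PLAINTEXTS[2]))
```
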