Re: [Crypto-panel] Request for reviews: "Properties of AEAD Algorithms"

Russ Housley <housley@vigilsec.com> Mon, 12 February 2024 17:39 UTC

From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <CAMr0u6mOoejinRPq83-Tz-2BF+Bd_hS9S15TBR1138H_pqhVTQ@mail.gmail.com>
Date: Mon, 12 Feb 2024 12:38:59 -0500
Cc: crypto-panel@irtf.org
Message-Id: <BC127F18-488D-4BF5-B077-B7A5AFAA82E4@vigilsec.com>
References: <CAMr0u6mOoejinRPq83-Tz-2BF+Bd_hS9S15TBR1138H_pqhVTQ@mail.gmail.com>
To: cfrg-chairs@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/crypto-panel/aNQc4kc0DFlSPy_ohUttM4QEVXc>

Document: draft-irtf-cfrg-aead-properties-03
Reviewer: Russ Housley
Review Date: 2024-02-12


The CFRG Chairs asked the Crypto Panel to review this document.
I am providing one review.  There may be others.


Summary:

This document gives high-level definitions of AEAD algorithm properties.


Major Concerns:

Section 4.3.5: [RFC5116] is not an appropriate reference for AES-GCM.
Please consider:

   Dworkin, M., "NIST Special Publication 800-38D: Recommendation for
   Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC,"
   U.S. National Institute of Standards and Technology.
   http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf

Section 4.4.9: This subsection seems very different from the others.
There is not an example AEAD that offers this property.  If you really
want to keep this subsection, please provide more discussion about the
usefulness of zero-knowledge proofs in an AEAD algorithm.


Minor Concerns:

Section 1.1: Please spell out "MAC" the first time it is used.

Section 1.2: RFC 2119 is referenced in Section 3, but the terms are used
before they are introduced.

Section 4.4.1: I do not understand the need for "MAY".  Please use "may".


Nits:

Abstract: s/ in the field/ in the terminology used by researchers/

Section 1: s/is an extension of authenticated encryption, which//

Section 1.1: s/Most AEAD algorithms usually/Most AEAD algorithms/

Section 1.2: s/In the following document/In this document/

Section 1.2: s/ document's objective/ objective of this document/