Re: [Emu] EAP-GPSK: Ciphersuites
Hannes Tschofenig <Hannes.Tschofenig@gmx.net> Tue, 22 August 2006 09:26 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GFSWu-0000Y9-HS; Tue, 22 Aug 2006 05:26:40 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GFSWt-0000Y3-Bq for emu@ietf.org; Tue, 22 Aug 2006 05:26:39 -0400
Received: from mail.gmx.net ([213.165.64.20]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1GFSWr-0005jG-Ul for emu@ietf.org; Tue, 22 Aug 2006 05:26:39 -0400
Received: (qmail invoked by alias); 22 Aug 2006 09:19:57 -0000
Received: from socks1.netz.sbs.de (EHLO [192.35.17.26]) [192.35.17.26] by mail.gmx.net (mp031) with SMTP; 22 Aug 2006 11:19:57 +0200
X-Authenticated: #29516787
Message-ID: <44EACC41.1000506@gmx.net>
Date: Tue, 22 Aug 2006 11:20:01 +0200
From: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
User-Agent: Thunderbird 1.5.0.5 (Windows/20060719)
MIME-Version: 1.0
To: "M. Vanderveen" <mvandervn@yahoo.com>
Subject: Re: [Emu] EAP-GPSK: Ciphersuites
References: <20060821160616.29426.qmail@web54408.mail.yahoo.com>
In-Reply-To: <20060821160616.29426.qmail@web54408.mail.yahoo.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
X-Spam-Score: 0.0 (/)
X-Scan-Signature: bdc523f9a54890b8a30dd6fd53d5d024
Cc: emu@ietf.org
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
Errors-To: emu-bounces@ietf.org
Hi
let us for a moment assume that RFC 4307 makes some reasonable algorithm
choices (we are talking about IKEv2 here). If we take the text and apply
it to EAP-GPSK then we would produce something like:
Conservative Choice:
-----------------------
(Integrity)
AUTH_HMAC_SHA1_96 2 [RFC2404] MUST
(Encryption)
ENCR_3DES 3 [RFC2451] MUST-
(Key Derivation)
PRF_HMAC_SHA1 2 [RFC2104] MUST
(Note that there is no MUST for encryption algorithms specified in RFC
4307.)
Choice for the Future:
-----------------------
(Encryption)
ENCR_AES_CBC 12 [AES-CBC] SHOULD+
(Integrity)
AUTH_AES_XCBC_96 5 [AES-MAC] SHOULD+
(Key Derivation)
PRF_AES128_CBC 4 [AESPRF] SHOULD+
Does this sound like a terrible bad idea?
Ciao
Hannes
M. Vanderveen schrieb:
> Both are pretty popular. Why not list them both? As for which one to be
> mandatory to implement, someone should to a search through other systems
> (e.g. IEEE, IPSec) and see which one is most popular.
>
> */Hannes Tschofenig <Hannes.Tschofenig@gmx.net>/* wrote:
>
> Hi all,
>
> the current version of the document
> http://tools.ietf.org/wg/emu/draft-clancy-emu-eap-shared-secret-01.txt
> still supports AES-EAX:
>
> +-----------+----+-------------+---------------+--------------------+
> | CSuite/ | KS | Encryption | Integrity | Key Derivation |
> | Specifier | | | | Function |
> +-----------+----+-------------+---------------+--------------------+
> | 0x000001 | 16 | AES-EAX-128 | AES-CMAC-128 | GKDF-128 |
> +-----------+----+-------------+---------------+--------------------+
>
> At the IETF#66 EMU meeting AES CCM was suggested.
>
> Later, it got the impression that AES-CBC was more appreciated. Should
> we update the draft with AES-CBC?
>
> Ciao
> Hannes
>
>
> _______________________________________________
> Emu mailing list
> Emu@ietf.org
> https://www1.ietf.org/mailman/listinfo/emu
>
>
> ------------------------------------------------------------------------
> Do you Yahoo!?
> Get on board. You're invited
> <http://us.rd.yahoo.com/evt=40791/*http://advision.webevents.yahoo.com/handraisers>
> to try the new Yahoo! Mail Beta.
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www1.ietf.org/mailman/listinfo/emu
- [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites Lakshminath Dondeti
- Re: [Emu] EAP-GPSK: Ciphersuites M. Vanderveen
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites Lakshminath Dondeti
- Re: [Emu] EAP-GPSK: Ciphersuites Charles Clancy
- AW: [Emu] EAP-GPSK: Ciphersuites Tschofenig, Hannes
- Re: [Emu] EAP-GPSK: Ciphersuites Bernard Aboba
- RE: [Emu] EAP-GPSK: Ciphersuites Ray Bell
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- [Emu] RFC 2716bis update Bernard Aboba
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites David McGrew
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites David McGrew
- Re: [Emu] EAP-GPSK: Ciphersuites David McGrew
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites Charles Clancy
- RE: [Emu] EAP-GPSK: Ciphersuites Lakshminath Dondeti
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites David McGrew