Re: Last Call: draft-ietf-tcpm-tcp-ao-crypto ...
Alfred Hönes <ah@TR-Sys.de> Wed, 24 February 2010 21:01 UTC
Return-Path: <A.Hoenes@TR-Sys.de>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B381528C18B for <ietf@core3.amsl.com>; Wed, 24 Feb 2010 13:01:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.391
X-Spam-Level: *
X-Spam-Status: No, score=1.391 tagged_above=-999 required=5 tests=[AWL=0.140, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, HELO_EQ_DE=0.35, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xV10KlX8Kbo0 for <ietf@core3.amsl.com>; Wed, 24 Feb 2010 13:01:09 -0800 (PST)
Received: from TR-Sys.de (gateway.tr-sys.de [213.178.172.147]) by core3.amsl.com (Postfix) with ESMTP id C974B28C1A2 for <ietf@ietf.org>; Wed, 24 Feb 2010 13:01:08 -0800 (PST)
Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3.2) id AA181335361; Wed, 24 Feb 2010 22:02:41 +0100
Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id WAA04538; Wed, 24 Feb 2010 22:02:40 +0100 (MEZ)
From: Alfred Hönes <ah@TR-Sys.de>
Message-Id: <201002242102.WAA04538@TR-Sys.de>
Subject: Re: Last Call: draft-ietf-tcpm-tcp-ao-crypto ...
To: ietf@ietf.org, draft-ietf-tcpm-tcp-ao-crypto@tools.IETF.ORG
Date: Wed, 24 Feb 2010 22:02:39 +0100
X-Mailer: ELM [$Revision: 1.17.214.3 $]
Mime-Version: 1.0
Content-Type: text/plain; charset="hp-roman8"
Content-Transfer-Encoding: quoted-printable
X-Mailman-Approved-At: Thu, 25 Feb 2010 08:17:07 -0800
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2010 21:01:10 -0000
Hello, draft-ietf-tcpm-tcp-ao-crypto-02 intends to make mandatory-to-implement for TCP-AO two MAC algorithms, HMAC-SHA-1-96 and AES-128-CMAC-96, as well as two related KDFs. IIRC, other WG(s) have been advised last year by important stakeholders (in particular NIST) to not standardize new use cases (e.g. in IPsec) of the CMAC / CCM Modes of Operation for a block cipher primitive, in favor of the GMAC / GCM Modes of Operation, because of the significant performance benefits of the latter modes. While the draft discusses arguments and properties of the two algorithms selected, it remains silent wrt the non-selection of suitable GMAC modes. TCP-AO seems to be intended for specific use cases with high performance / low cost ratio requirements, and hence particularly suitable for application of the performance argument. Could you please provide arguments to the IETF at large that support the recommendation of the draft in favor of CMAC vs. GMAC ? Or could it be that this decision needs to be revisited? Kind regards, Alfred Hönes. -- +------------------------+--------------------------------------------+ | TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | | Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | | D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | +------------------------+--------------------------------------------+
- Re: Last Call: draft-ietf-tcpm-tcp-ao-crypto ... Alfred Hönes
- RE: Last Call: draft-ietf-tcpm-tcp-ao-crypto ... Pasi.Eronen