[IPsec] XCBC MAC / PRF with Camellia proposal necessary?

Alfred Hönes <ah@TR-Sys.de> Mon, 19 October 2009 10:40 UTC

I have performed a detailed editorial review of
draft-kanno-ipsecme-camellia-xcbc-01
and sent it off-list to the authors.

However, there seems to be a more fundamental strategic question:

Per the standardization of CMAC in NIST SP 800-38B,
the original XCBC enhancement to CBC-MAC seems to be
less interesting from a standardization point of view.
(CMAC is an improved refinement of XCBC-MAC, originally
published as OMAC / OMAC1 -- see the explanation in the
Introduction of NIST SP 800-38B.)

For AES as the underlying block cipher, use of CMAC with IPsec
and IKE already has been specified (in RFCs 4494 and 4615,
respectively), and the promoters of Camellia have a similar
draft as well (draft-kato-ipsec-camellia-cmac96and128).

For interoperability purposes, it is important to not let
the IPsec/IKE algorithm portfolio grow unnecessarily.

So I suggest considering in general whether:

a)  XCBC should be used in new specifications, and/or

b)  the existing XCBC specifications for IPsec might
    be demoted or even deprecated, and/or

c)  CMAC use should be promoted in its support requirement level.

All related RFCs appear in draft-ietf-ipsecme-roadmap, which
thus might be affected by the outcome of any new recommendations.

Kind regards,
  Alfred Hönes.

-- 

+------------------------+--------------------------------------------+
| TR-Sys Alfred Hoenes   |  Alfred Hoenes   Dipl.-Math., Dipl.-Phys.  |
| Gerlinger Strasse 12   |  Phone: (+49)7156/9635-0, Fax: -18         |
| D-71254  Ditzingen     |  E-Mail:  ah@TR-Sys.de                     |
+------------------------+--------------------------------------------+