Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-ikev2-02
"Paul Koning" <Paul_Koning@Dell.com> Thu, 22 October 2009 01:33 UTC
Return-Path: <Paul_Koning@Dell.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 993CF3A68DA for <ipsec@core3.amsl.com>; Wed, 21 Oct 2009 18:33:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.598
X-Spam-Level:
X-Spam-Status: No, score=-106.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BngkA7ehWG7j for <ipsec@core3.amsl.com>; Wed, 21 Oct 2009 18:33:54 -0700 (PDT)
Received: from aussmtpmrkps320.us.dell.com (aussmtpmrkps320.us.dell.com [143.166.224.254]) by core3.amsl.com (Postfix) with ESMTP id 041483A6876 for <ipsec@ietf.org>; Wed, 21 Oct 2009 18:33:53 -0700 (PDT)
X-Loopcount0: from 12.110.134.31
X-IronPort-AV: E=Sophos; i="4.44,601,1249275600"; d="scan'208,217"; a="417624964"
Received: from unknown (HELO M31.equallogic.com) ([12.110.134.31]) by aussmtpmrkps320.us.dell.com with SMTP; 21 Oct 2009 20:34:02 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CA52B7.BB0FB8D8"
Date: Wed, 21 Oct 2009 21:33:59 -0400
Message-ID: <D8CEBB6AE9D43848BD2220619A43F3263EB4E3@M31.equallogic.com>
In-Reply-To: <80b5a9190910211822j407a58fbo6872025d4f488bc2@mail.gmail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [IPsec] review of draft-ietf-ipsecme-aes-ctr-ikev2-02
thread-index: AcpStigGY2GCvqRsQTCvqaVKCK7vUgAAO4OQ
References: <200910131509.RAA22549@TR-Sys.de><80b5a9190910190108t46e6c862s9f8c48895e5b3851@mail.gmail.com><19165.32194.275245.431639@fireball.kivinen.iki.fi> <80b5a9190910211822j407a58fbo6872025d4f488bc2@mail.gmail.com>
From: Paul Koning <Paul_Koning@Dell.com>
To: Shen Sean <sean.s.shen@gmail.com>, Tero Kivinen <kivinen@iki.fi>
Cc: ipsec@ietf.org, Alfred HÎnes <ah@tr-sys.de>, draft-ietf-ipsecme-aes-ctr-ikev2@tools.ietf.org
Subject: Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-ikev2-02
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Oct 2009 01:33:58 -0000
AES is an algorithm with one parameter: the key length. Based on that parameter various things change inside the algorithm. It so happens that AES has rounds, and the number of rounds is a function of the key length. But as Tero says, that's irrelevant to users of AES. Any mention of rounds and other internal stuff belongs in exactly one place, the AES specification. It does NOT belong in any specs that are merely users of AES - such as the AES-CTR spec. It isn't a characteristic of aes-ctr.
Are you saying that people were arguing otherwise, that rounds need to be mentioned in the aes-ctr spec? I strongly disagree; I can't imagine any reason why that would be a good idea.
paul
From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf Of Shen Sean
Sent: Wednesday, October 21, 2009 9:23 PM
To: Tero Kivinen
Cc: ipsec@ietf.org; Alfred HÎnes; draft-ietf-ipsecme-aes-ctr-ikev2@tools.ietf.org
Subject: Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-ikev2-02
...
[Sean] I have no doubt that most users or vendors won't bother to choose or change what's already in crypto lib. But, a standard related document is responsible to clearly state what are necessary for a product, in this case, the basic characteristics of AES-CTR, even though some of these seems obvious. I remmeber the very early version of this document does not include rounds stuff, but eventually we added it based on reviewers' comments and requests.
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Sean Shen
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Shen Sean
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Tero Kivinen
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Shen Sean
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Paul Koning
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Tero Kivinen
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Sean Shen
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Alfred Hönes
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Sean Shen
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Alfred Hönes
- Re: [IPsec] review of draft-ietf-ipsecme-aes-ctr-… Alfred Hönes