[Ipsec] CCM: AAD construction

"Bansal, Yogesh" <yogesh.bansal@intel.com> Wed, 06 April 2005 20:51 UTC

Date: Wed, 06 Apr 2005 13:30:24 -0700
Message-ID: <E4FF889B88DF4A4EBBDDDEF6D5BF7CE40515F615@fmsmsx407.amr.corp.intel.com>
From: "Bansal, Yogesh" <yogesh.bansal@intel.com>
To: ipsec@ietf.org
Cc: "Raghunandan, Makaram" <makaram.raghunandan@intel.com>
Subject: [Ipsec] CCM: AAD construction

Group - 

I have a few questions on CCM & its use in IPSec ESP mode. The questions
are related to construction of AAD blocks required for authentication
purposes.

1) Construction of AAD blocks in CCM in general

RFC 3610 specifies construction of B_0, B_1 blocks.
The construction of B_0 has been clearly defined. This block is followed
by length encoding of "a" followed by "a" itself, as per the following
paragraph in the spec:
 
Blocks encoding a are formed by concatenating this string that encodes
l(a) with a itself, and splitting the result into 16-octet blocks, and
then padding the last block with zeros if necessary. These blocks are
appended to the first block B_0.

Does this mean the following:

B_1 = encoding(l(a)) || a || pad (to the next 16 octet block )

Hence, the AAD block stream then consists of 
B_0 || B_1 || m_0 || m_1 ... || m_n (padding, if required) 


[Q] Please confirm whether the interpretation of B_1 construction is
correct. 


2) Construction of AAD blocks in IPSec ESP mode 

Does the B_1 definition mean the following in IPSec ESP mode:
AAD_IPSec = SPI || SEQ_Num

B_1 = encoding (l (AAD_IPSec)) || AAD_IPSec || pad (to the next 16
octet block)

[Q] Please confirm construction of B_1 block in IPSec mode is correct.

3) Computing CBC-MAC in CCM Mode With IPsec ESP
CCM spec (RFC 3610) implies that authentication is done on the plain
text (and not the cipher text). 

However, IPSec ESP mode states that encryption is done prior to
authentication. Does this order change in the
draft-ietf-ipsec-ciph-aes-ccm-05.txt, meaning that authentication is
done after CTR-encryption? If so, is the CBC-MAC encrypted again?

My interpretation is that the order still remains the same as specified
in RFC 3610, i.e. authentication is on plain text and not cipher text.

[Q] Please indicate what is the correct order of processing on the
outbound side.

Thanks for your time. 

Regards,
Yogesh 
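
The block layout asked about in questions 1 and 2, written out as an added example (not part of the original message, and not code from RFC 3610 or the draft): it formats B_0, the length-prefixed and zero-padded AAD, and the zero-padded message per RFC 3610 section 2.2. The function names, the ESP SPI and sequence number, and the reuse of the 13-octet nonce (L = 2) for the ESP case are assumptions made for illustration.

```python
import struct

BLOCK = 16

def encode_aad_len(n):
    """Encode l(a) as RFC 3610 section 2.2 prescribes (n > 0)."""
    if n < 0x10000 - 0x100:
        return struct.pack(">H", n)               # two octets
    if n < 1 << 32:
        return b"\xff\xfe" + struct.pack(">I", n)  # marker + four octets
    return b"\xff\xff" + struct.pack(">Q", n)      # marker + eight octets

def pad16(data):
    """Zero-pad to the next 16-octet boundary (no-op if already aligned)."""
    return data + b"\x00" * (-len(data) % BLOCK)

def ccm_auth_blocks(nonce, aad, msg, mac_len, L):
    """Return the 16-octet blocks B_0, B_1, ... that feed the CBC-MAC."""
    if not 2 <= L <= 8 or len(nonce) != 15 - L:
        raise ValueError("need 2 <= L <= 8 and a nonce of 15-L octets")
    if mac_len not in (4, 6, 8, 10, 12, 14, 16):
        raise ValueError("M must be an even value from 4 to 16")
    if len(msg) >= 1 << (8 * L):
        raise ValueError("message too long for this L")
    # Flags octet: Adata bit, then M' = (M-2)/2, then L' = L-1.
    flags = (0x40 if aad else 0) | (((mac_len - 2) // 2) << 3) | (L - 1)
    stream = bytes([flags]) + nonce + len(msg).to_bytes(L, "big")  # B_0
    if aad:
        # AAD blocks: encoding(l(a)) || a, padded on their own.
        stream += pad16(encode_aad_len(len(aad)) + aad)
    # Message blocks are padded separately from the AAD blocks.
    stream += pad16(msg)
    return [stream[i:i + BLOCK] for i in range(0, len(stream), BLOCK)]

# Inputs of RFC 3610 Packet Vector #1: 8 header octets, 23 message octets, M=8, L=2.
NONCE = bytes.fromhex("00000003020100A0A1A2A3A4A5")

def rfc3610_vector1_blocks():
    return ccm_auth_blocks(NONCE, bytes(range(8)), bytes(range(8, 31)), 8, 2)

def esp_blocks(spi, seq, payload):
    """ESP case from question 2: AAD = SPI || sequence number (constructed values)."""
    return ccm_auth_blocks(NONCE, struct.pack(">II", spi, seq), payload, 8, 2)

if __name__ == "__main__":
    for i, blk in enumerate(esp_blocks(0x12345678, 1, b"constructed payload")):
        print(f"B_{i} = {blk.hex()}")
```

For Packet Vector #1 the first block equals the "CBC IV in" value listed in RFC 3610, and the second block is `00 08` followed by the eight header octets and six zero octets.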

