[IPsec] Fwd: New Version Notification for draft-nir-ipsecme-chacha20-poly1305-02.txt

Yoav Nir <ynir.ietf@gmail.com> Mon, 31 March 2014 07:12 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id E76991A096E for <ipsec@ietfa.amsl.com>; Mon, 31 Mar 2014 00:12:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id WWB04i0vLDGh for <ipsec@ietfa.amsl.com>; Mon, 31 Mar 2014 00:12:55 -0700 (PDT)
Received: from mail-wi0-x22e.google.com (mail-wi0-x22e.google.com [IPv6:2a00:1450:400c:c05::22e]) by ietfa.amsl.com (Postfix) with ESMTP id B46C11A0966 for <ipsec@ietf.org>; Mon, 31 Mar 2014 00:12:54 -0700 (PDT)
Received: by mail-wi0-f174.google.com with SMTP id d1so2728836wiv.7 for <ipsec@ietf.org>; Mon, 31 Mar 2014 00:12:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:subject:date:references:to:message-id :mime-version; bh=d74jOLGcSmCyC6x5olaruo6yIpoNzrBg/BN2hf12X34=; b=OcSkV95kOgOE6gDJTr/VNqPWkUO4mhiqLuVKoX/GOmPAdZdW3/39ImdfsS0X82zheO OqQ6kJX5uoFBYts0JhrJcWQxPVi0/3uxHifJMzYNHR8hgn5Gr1ZZ9BA7OdV/a7NkktNO wLgKLyJCx4HxYBdWj6EeIzSzYMkgrKGA4A98Nj/Ol49wHkznhAernspGSzGVH319Sxgc woXeiqoz0aIMlj54QH0TXHwoVINFWyyqpknZH47jKUydHVgeIf/EUrfmJorCkDaQQR15 USlptomd/l6qqJxbuBBvwSTmqkCYs9DMrWmrMi0xb+YgrKJyqljV2pHOgPts35WwPO82 1INw==
X-Received: by with SMTP id gn10mr12214952wjc.9.1396249971164; Mon, 31 Mar 2014 00:12:51 -0700 (PDT)
Received: from [] (dyn32-131.checkpoint.com. []) by mx.google.com with ESMTPSA id s46sm31014509ees.3.2014. for <ipsec@ietf.org> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 31 Mar 2014 00:12:50 -0700 (PDT)
From: Yoav Nir <ynir.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_0F69D92B-77EB-4A83-9318-CD124D787A10"
Date: Mon, 31 Mar 2014 10:12:45 +0300
References: <20140331064443.17420.20177.idtracker@ietfa.amsl.com>
To: ipsec <ipsec@ietf.org>
Message-Id: <AD4EAEE1-5B47-4D7B-8E87-D4906F0AD8D6@gmail.com>
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
X-Mailer: Apple Mail (2.1874)
Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/aRCCbmy_FehVnIkVwk13-LhNn2M
Subject: [IPsec] Fwd: New Version Notification for draft-nir-ipsecme-chacha20-poly1305-02.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Mar 2014 07:12:57 -0000


I’ve posted a new version of the ChaCha20-Poly1305 draft.  I have removed the stand-alone version of both algorithms, leaving only the combined mode.  Reasoning:
 - The authenticator is not really needed, as we have HMAC-SHA1, HMAC-SHA2-*, AES-XCBC, GHASH. So we’re not short on choices for an algorithm to complement AES-CBC.
 - Stand-alone ChaCha is fast, but would require an authenticator anyway, and the mailing list did not show enthusiasm for ChaCha20 + HMAC-SHA1
 - The working group (everyone who commented except Yaron) wanted to only have the AEAD.
 - This makes the document only 7 pages long, with only three pages containing the actual protocol.

Comments are, of course, welcome, and I’d like to repeat my questions from the London meeting:
 - Should this be a WG item.
 - Should we apply for early identifier assignment
 - Should this be extended for IKE (current draft covers only ESP)


Begin forwarded message:

> From: internet-drafts@ietf.org
> Subject: New Version Notification for draft-nir-ipsecme-chacha20-poly1305-02.txt
> Date: March 31, 2014 at 9:44:43 AM GMT+3
> To: Yoav Nir <ynir.ietf@gmail.com>om>, "Yoav Nir" <ynir.ietf@gmail.com>
> A new version of I-D, draft-nir-ipsecme-chacha20-poly1305-02.txt
> has been successfully submitted by Yoav Nir and posted to the
> IETF repository.
> Name:		draft-nir-ipsecme-chacha20-poly1305
> Revision:	02
> Title:		ChaCha20 and Poly1305 and their use in IPsec
> Document date:	2014-03-31
> Group:		Individual Submission
> Pages:		7
> URL:            http://www.ietf.org/internet-drafts/draft-nir-ipsecme-chacha20-poly1305-02.txt
> Status:         https://datatracker.ietf.org/doc/draft-nir-ipsecme-chacha20-poly1305/
> Htmlized:       http://tools.ietf.org/html/draft-nir-ipsecme-chacha20-poly1305-02
> Diff:           http://www.ietf.org/rfcdiff?url2=draft-nir-ipsecme-chacha20-poly1305-02
> Abstract:
>   This document describes the use of the ChaCha20 stream cipher along
>   with the Poly1305 authenticator, combined into an AEAD algorithm for
>   IPsec.
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> The IETF Secretariat