Re: Fw: [Ipsec] I-D ACTION:draft-kelly-ipsec-ciph-sha2-00.txt
"Steven M. Bellovin" <smb@cs.columbia.edu> Fri, 29 September 2006 20:28 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GTOxs-00061z-Vm; Fri, 29 Sep 2006 16:28:08 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GTOxs-00061u-Hf for ipsec@ietf.org; Fri, 29 Sep 2006 16:28:08 -0400
Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GTOxr-0006Gz-69 for ipsec@ietf.org; Fri, 29 Sep 2006 16:28:08 -0400
Received: by machshav.com (Postfix, from userid 512) id 29059FB2BE; Fri, 29 Sep 2006 16:27:52 -0400 (EDT)
Received: from berkshire.machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 1467CFB2AD; Fri, 29 Sep 2006 16:27:51 -0400 (EDT)
Received: by berkshire.machshav.com (Postfix, from userid 54047) id 0010F3C07A0; Fri, 29 Sep 2006 16:27:53 -0400 (EDT)
Date: Fri, 29 Sep 2006 16:27:53 -0400
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: "Scott G. Kelly" <scott@hyperthought.com>
Subject: Re: Fw: [Ipsec] I-D ACTION:draft-kelly-ipsec-ciph-sha2-00.txt
Message-Id: <20060929162753.b39eac78.smb@cs.columbia.edu>
In-Reply-To: <13001419.1159549284566.JavaMail.root@elwamui-wigeon.atl.sa.earthlink.net>
References: <13001419.1159549284566.JavaMail.root@elwamui-wigeon.atl.sa.earthlink.net>
Organization: Columbia University
X-Mailer: Sylpheed version 2.2.7 (GTK+ 2.8.20; i386--netbsdelf)
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d
Cc: ipsec list <ipsec@ietf.org>, "Scott G. Kelly" <s.kelly@ix.netcom.com>
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IP Security <ipsec.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
Errors-To: ipsec-bounces@ietf.org
On Fri, 29 Sep 2006 13:01:24 -0400 (EDT), "Scott G. Kelly" <s.kelly@ix.netcom.com> wrote:

> Please review and comment on this draft. It's a revamped version of
> draft-ietf-ipsec-ciph-sha2-01.txt, resurrected at Russ's request.

I found 2.1.1 + 2.1.2 confusing. 2.1.1 says you can't have keys of other than length 256. I might quarrel with that -- I'd definitely have used SHOULD NOT instead of MUST NOT -- but 2.1.2 tells you what to do if your key isn't 256 bits long. I perceive no increase in security from padding a short key with zeros, nor do I understand why it's better to do a SHA-256 reduction on a long key before using it with HMAC rather than simply using the longer key directly. And the notion of a variable key length function where the variable is constrained to exactly one value is a bit strange.

You might want to cite RFC 4634 as an Informative reference, since it has code, and 4231 since it also gives definitions and code points for other uses of HMAC-SHA-256.

Stepping back a bit, I personally would rather see a single RFC describing how to use a number of different hash functions with HMAC. I could almost use a set of text editor substitution patterns to change this draft from SHA-256 to SHA-384 or SHA-512. The core of such a document would be a table listing acceptable key sizes and truncation sizes for each function considered. An appendix could list test vectors.

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec
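The key-handling rules the message questions (zero-padding a short key, SHA-256-reducing a long one before HMAC) can be checked directly against the RFC 2104 HMAC construction. The following is an added worked example, not code from the draft or from any of the thread's participants; it builds HMAC-SHA-256 from scratch beside Python's `hmac` module, then compares the MAC output for a raw key against the output for the same key after each of the two transformations. The sample keys and messages are constructed for illustration.

```python
import hashlib
import hmac

# RFC 2104 operates on the hash function's internal block size: 64 bytes for SHA-256.
BLOCK_SIZE = hashlib.sha256().block_size


def hmac_sha256(key: bytes, msg: bytes) -> bytes:
    """Reference result from the standard library (RFC 2104 construction)."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def hmac_sha256_from_scratch(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA-256 written out so the key handling is visible.

    RFC 2104 itself already (1) hashes any key longer than the block size and
    (2) right-pads the key with zero bytes up to the block size.
    """
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + msg).digest()
    return hashlib.sha256(opad + inner).digest()


def zero_pad_key(key: bytes, length: int = 32) -> bytes:
    """A 'pad a short key with zeros to 256 bits' rule (constructed for the example)."""
    return key.ljust(length, b"\x00")


def reduce_long_key(key: bytes) -> bytes:
    """A 'SHA-256-reduce a long key before HMAC' rule (constructed for the example)."""
    return hashlib.sha256(key).digest()


def padding_is_a_noop(key: bytes, msg: bytes) -> bool:
    """True when HMAC over the zero-padded key equals HMAC over the raw key.

    Because HMAC zero-pads to the 64-byte block anyway, padding a <=32-byte key
    to 32 bytes changes nothing: the MAC is the same and the secret is still
    only the original short key, so the keyspace does not grow.
    """
    return hmac_sha256(key, msg) == hmac_sha256(zero_pad_key(key), msg)


def reduction_is_a_noop(key: bytes, msg: bytes) -> bool:
    """True when pre-hashing the key gives the same MAC as using the key directly.

    For keys longer than the 64-byte block this holds, since HMAC performs the
    identical SHA-256 reduction internally. For keys of 33..64 bytes HMAC would
    have used the key as-is, so the pre-reduction yields a different MAC and
    merely replaces one key with another of the same entropy (at most 256 bits).
    """
    return hmac_sha256(key, msg) == hmac_sha256(reduce_long_key(key), msg)


def truncate(mac: bytes, bits: int) -> bytes:
    """Left-truncate a MAC, as the 'truncation sizes' column of a per-hash table would specify."""
    return mac[: bits // 8]


if __name__ == "__main__":
    msg = b"constructed sample message"
    print("from-scratch matches library:",
          hmac_sha256_from_scratch(b"k" * 100, msg) == hmac_sha256(b"k" * 100, msg))
    print("zero-padding a 9-byte key is a no-op:", padding_is_a_noop(b"short-key", msg))
    print("reducing a 100-byte key is a no-op:", reduction_is_a_noop(b"k" * 100, msg))
    print("reducing a 40-byte key is a no-op:", reduction_is_a_noop(b"k" * 40, msg))
    print("HMAC-SHA-256-128:", truncate(hmac_sha256(b"k" * 32, msg), 128).hex())
```

The two equalities are the substance of the message's objection: neither transformation adds anything HMAC does not already do, so they belong in a spec only as interoperability rules, and a per-hash table of accepted key and truncation sizes (as the message suggests) would state them once for SHA-256, SHA-384 and SHA-512 together.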