Re: [jose] 192 bit AES keys

"Matt Miller (mamille2)" <mamille2@cisco.com> Thu, 18 July 2013 21:24 UTC

Return-Path: <mamille2@cisco.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A9BD11E8216 for <jose@ietfa.amsl.com>; Thu, 18 Jul 2013 14:24:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o7uPr2z256X6 for <jose@ietfa.amsl.com>; Thu, 18 Jul 2013 14:24:15 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) by ietfa.amsl.com (Postfix) with ESMTP id A878D11E8209 for <jose@ietf.org>; Thu, 18 Jul 2013 14:24:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7159; q=dns/txt; s=iport; t=1374182655; x=1375392255; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=mjSb3M+jx/aaHM20ZCnjakUtluRohl//V4iU2LkGGRk=; b=Gjmhv7tQCWtRP/BDkrDglKck4CR/ojNyHa2Dt4xckQCjsk6w/FvlUYgd dGKU78Uu2LWfKBy1Nn5iQkhYhfX5SnqLdXNmOCc9y78VqeVNS5pLFR/RH JJEGGtcpXNxuRrA3qioLkhsVMbiTCZo/FGU9/KuEeFZdiSNYwBCwyQOxC 0=;
X-Files: smime.p7s : 4136
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhAFAFhc6FGtJV2Y/2dsb2JhbABagwaBBcBGgRMWdIIkAQEBAQIBeQULAgEIDhQkAjAlAQEEDgUIBod8BrYUj14xBwSDCm4DkBCBLZdtgxKCKg
X-IronPort-AV: E=Sophos; i="4.89,696,1367971200"; d="p7s'?scan'208"; a="236650553"
Received: from rcdn-core-1.cisco.com ([173.37.93.152]) by rcdn-iport-7.cisco.com with ESMTP; 18 Jul 2013 21:24:14 +0000
Received: from xhc-aln-x08.cisco.com (xhc-aln-x08.cisco.com [173.36.12.82]) by rcdn-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id r6ILOEGi008124 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 18 Jul 2013 21:24:14 GMT
Received: from xmb-aln-x11.cisco.com ([169.254.6.51]) by xhc-aln-x08.cisco.com ([173.36.12.82]) with mapi id 14.02.0318.004; Thu, 18 Jul 2013 16:24:13 -0500
From: "Matt Miller (mamille2)" <mamille2@cisco.com>
To: Mike Jones <Michael.Jones@microsoft.com>
Thread-Topic: [jose] 192 bit AES keys
Thread-Index: Ac6D/C12cBeywWJlQkC7ZUVSucIBIQAKuGCA
Date: Thu, 18 Jul 2013 21:24:13 +0000
Message-ID: <BF7E36B9C495A6468E8EC573603ED941152C51A6@xmb-aln-x11.cisco.com>
References: <4E1F6AAD24975D4BA5B16804296739436B6EC698@TK5EX14MBXC284.redmond.corp.microsoft.com>
In-Reply-To: <4E1F6AAD24975D4BA5B16804296739436B6EC698@TK5EX14MBXC284.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.129.24.90]
Content-Type: multipart/signed; boundary="Apple-Mail=_BCE9C2AC-9E95-4552-92FB-DF9FE35695F7"; protocol="application/pkcs7-signature"; micalg=sha1
MIME-Version: 1.0
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] 192 bit AES keys
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jul 2013 21:24:21 -0000

On Jul 18, 2013, at 3:17 PM, Mike Jones <Michael.Jones@microsoft.com>
 wrote:

> Richard had previously requested that we register algorithm identifiers for AES using 192 bit keys.  As he previously pointed out, "It seems like if we're going to support AES, then we should support AES.  Every AES library I know of supports all three key lengths, so it's not like there's extra cost besides the registry entry."  (I'll note that we already have algorithm identifiers for the "mid-size" HMAC and signature functions "HS384", "RS384", and "ES384".)
> 
> I heard no objections at the time.  I'm therefore thinking that we should register algorithm identifiers for these key sizes as well.  Specifically, we would add:
> "A192KW", "ECDH-ES+A192KW", "A192GCMKW", "PBES2-HS256+A192KW", "A192CBC-HS384", and "A192GCM".  Support for these algorithms would be optional.
> 
> What do people think?
> 
>                                                            -- Mike


+1


- m&m

Matt Miller < mamille2@cisco.com >
Cisco Systems, Inc.