Re: [jose] [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01

Mike Jones <> Tue, 20 November 2012 01:48 UTC

From: Mike Jones <>
To: Russ Housley <>
Thread-Topic: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01
Date: Tue, 20 Nov 2012 01:48:43 +0000
Cc: IRTF CFRG <>, "" <>
Subject: Re: [jose] [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01

Thanks for the pointer, Russ.  This is a useful point of reference in several regards.

-- Mike

From: Russ Housley []
Sent: Sunday, November 18, 2012 4:45 AM
To: Mike Jones
Subject: Re: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01

Have you looked at the algorithm in RFC 6476?  While the discussion is CMS-specific, the algorithm could be used with another syntax.


On Nov 12, 2012, at 1:55 PM, Mike Jones wrote:

As background, if there were a version of this spec that did not assume that the parameters would be concatenated together in a specific way, but left them as independent inputs and outputs, as AES GCM and AES CTR do, it would be a better match for JOSE's use case.

-- Mike

From: [] On Behalf Of David McGrew (mcgrew)
Sent: Monday, November 12, 2012 10:21 AM
Subject: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01


There is a new version of "Authenticated Encryption with AES-CBC and HMAC-SHA", and I would appreciate your review. It is online at <>. The diff between the current and the previous version is available at <>.

This draft has been proposed for use in the JOSE WG <>, where its adoption would allow the working group to omit "raw" unauthenticated encryption, e.g. AES-CBC, and only include authenticated encryption. Thus I am asking for your help in making

John Foley generated test cases that correspond to the current version of the draft, but I didn't include these in the draft because I did not yet get confirmation from a second independent implementation. With hope, there will not be any need for any normative changes, and I will include these after I get confirmation.


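The point Mike raises in the quoted message (keeping key, IV, plaintext/AAD, ciphertext and tag as independent inputs and outputs, the way the AES-GCM interface does, rather than fixing one concatenated byte layout) can be shown with a small encrypt-then-MAC construction in Go. This is an added example written for this thread; it is not code from the draft, from John Foley's test cases, or from any JOSE implementation, and it does not reproduce the draft-01 byte layout. It assumes the parameter sizes of the later JOSE A128CBC-HS256 variant (a 32-byte key whose first half keys HMAC-SHA-256 and second half keys AES-128, a tag truncated to 16 bytes) and assumes the MAC input `A || IV || C || AL`, where `AL` is the 64-bit big-endian bit length of the associated data. The function names `Seal` and `Open` are this example's own. The security-relevant detail it demonstrates is ordering: the tag is verified in constant time before any decryption or padding check, so a malformed-padding error can never leak information about the plaintext.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Sizes assumed for this example (A128CBC-HS256-style): a 32-byte combined
// key split into a 16-byte HMAC key and a 16-byte AES key, and a 16-byte tag.
const (
	macKeyLen = 16
	encKeyLen = 16
	tagLen    = 16
)

var ErrAuth = errors.New("aes-cbc-hmac: authentication failed")

// pkcs7Pad returns a padded copy of b; the caller's slice is never aliased.
func pkcs7Pad(b []byte, block int) []byte {
	n := block - len(b)%block
	out := make([]byte, 0, len(b)+n)
	out = append(out, b...)
	return append(out, bytes.Repeat([]byte{byte(n)}, n)...)
}

// pkcs7Unpad is only reached after the tag has verified, so a padding error
// here cannot serve as a padding oracle.
func pkcs7Unpad(b []byte, block int) ([]byte, error) {
	n := int(b[len(b)-1])
	if n == 0 || n > block || n > len(b) {
		return nil, errors.New("aes-cbc-hmac: bad padding")
	}
	for _, c := range b[len(b)-n:] {
		if int(c) != n {
			return nil, errors.New("aes-cbc-hmac: bad padding")
		}
	}
	return b[:len(b)-n], nil
}

// macInput is A || IV || C || AL (assumed layout); AL, the bit length of the
// associated data, prevents re-splitting the boundary between A and C.
func macInput(aad, iv, ct []byte) []byte {
	al := make([]byte, 8)
	binary.BigEndian.PutUint64(al, uint64(len(aad))*8)
	in := make([]byte, 0, len(aad)+len(iv)+len(ct)+len(al))
	in = append(append(append(in, aad...), iv...), ct...)
	return append(in, al...)
}

// Seal takes key, IV, plaintext and AAD as independent inputs and returns
// ciphertext and tag as independent outputs (encrypt-then-MAC).
func Seal(key, iv, plaintext, aad []byte) (ciphertext, tag []byte, err error) {
	if len(key) != macKeyLen+encKeyLen || len(iv) != aes.BlockSize {
		return nil, nil, errors.New("aes-cbc-hmac: bad key or IV length")
	}
	macKey, encKey := key[:macKeyLen], key[macKeyLen:]
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, nil, err
	}
	padded := pkcs7Pad(plaintext, aes.BlockSize)
	ciphertext = make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ciphertext, padded)
	h := hmac.New(sha256.New, macKey)
	h.Write(macInput(aad, iv, ciphertext))
	tag = h.Sum(nil)[:tagLen]
	return ciphertext, tag, nil
}

// Open verifies the tag in constant time before decrypting or unpadding.
func Open(key, iv, ciphertext, tag, aad []byte) ([]byte, error) {
	if len(key) != macKeyLen+encKeyLen || len(iv) != aes.BlockSize {
		return nil, errors.New("aes-cbc-hmac: bad key or IV length")
	}
	if len(ciphertext) == 0 || len(ciphertext)%aes.BlockSize != 0 {
		return nil, ErrAuth
	}
	macKey, encKey := key[:macKeyLen], key[macKeyLen:]
	h := hmac.New(sha256.New, macKey)
	h.Write(macInput(aad, iv, ciphertext))
	if !hmac.Equal(h.Sum(nil)[:tagLen], tag) { // constant-time comparison
		return nil, ErrAuth
	}
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	padded := make([]byte, len(ciphertext))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(padded, ciphertext)
	return pkcs7Unpad(padded, aes.BlockSize)
}

func main() {
	key := make([]byte, macKeyLen+encKeyLen)
	iv := make([]byte, aes.BlockSize) // a fresh random IV per message
	rand.Read(key)
	rand.Read(iv)
	aad := []byte(`{"alg":"example"}`) // constructed sample header
	ct, tag, _ := Seal(key, iv, []byte("hello"), aad)
	ct[0] ^= 1 // flip one ciphertext bit: Open fails before decrypting
	_, err := Open(key, iv, ct, tag, aad)
	fmt.Printf("tag=%x tampered=%v\n", tag, err)
}
```

Because every parameter is a separate argument, a caller such as a JOSE library can place IV, ciphertext and tag in whatever serialization it uses; nothing in `Seal` or `Open` depends on how they are later concatenated.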