Re: [kitten] I-D Action: draft-ietf-kitten-aes-cts-hmac-sha2-03.txt
"Peck, Michael A" <mpeck@mitre.org> Mon, 07 July 2014 14:04 UTC
To: Benjamin Kaduk <kaduk@MIT.EDU>, "kitten@ietf.org" <kitten@ietf.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/1xSg-G_xKsomYC5iaiGjbV62Yzk
Ben,

Thanks for reviewing the changes.

I put together test vectors this morning for deriving Kp from the base-key and for the pseudo-random function invocations. I can add the following text to Appendix A (Test Vectors) once Internet-Draft submission reopens.
If you'd like to verify these I certainly wouldn't mind.

Sample results for key derivation:
----------------------------------

enctype aes128-cts-hmac-sha256-128:
128-bit base-key:
   37 05 D9 60 80 C1 77 28 A0 E8 00 EA B6 E0 D2 3C
Kc value for key usage 2 (constant = 0x0000000299):
   B3 1A 01 8A 48 F5 47 76 F4 03 E9 A3 96 32 5D C3
Ke value for key usage 2 (constant = 0x00000002AA):
   9B 19 7D D1 E8 C5 60 9D 6E 67 C3 E3 7C 62 C7 2E
Ki value for key usage 2 (constant = 0x0000000255):
   9F DA 0E 56 AB 2D 85 E1 56 9A 68 86 96 C2 6A 6C
Kp value (constant = 0x707266):
   9C 66 77 98 08 4F 16 82 1E 77 15 DD 5A A6 EB 71

enctype aes256-cts-hmac-sha384-192:
256-bit base-key:
   6D 40 4D 37 FA F7 9F 9D F0 D3 35 68 D3 20 66 98
   00 EB 48 36 47 2E A8 A0 26 D1 6B 71 82 46 0C 52
Kc value for key usage 2 (constant = 0x0000000299):
   EF 57 18 BE 86 CC 84 96 3D 8B BB 50 31 E9 F5 C4
   BA 41 F2 8F AF 69 E7 3D
Ke value for key usage 2 (constant = 0x00000002AA):
   56 AB 22 BE E6 3D 82 D7 BC 52 27 F6 77 3F 8E A7
   A5 EB 1C 82 51 60 C3 83 12 98 0C 44 2E 5C 7E 49
Ki value for key usage 2 (constant = 0x0000000255):
   69 B1 65 14 E3 CD 8E 56 B8 20 10 D5 C7 30 12 B6
   22 C4 D0 0F FC 23 ED 1F
Kp value (constant = 0x707266):
   5D 63 0D B7 EF DE 37 DE 9C 92 03 C5 2B D9 6C 77
   31 BE 1C 5B DD 50 DC 75 44 D9 60 AF F3 CC 23 04

Sample pseudo-random function (PRF) invocations:
-----------------------------------------

PRF input octet-string: "test" (0x74657374)

enctype aes128-cts-hmac-sha256-128:
Kp value:
   9C 66 77 98 08 4F 16 82 1E 77 15 DD 5A A6 EB 71
PRF output:
   3A CA 18 6C C1 26 56 76 5C FE B1 D2 2D 1C B1 36

enctype aes256-cts-hmac-sha384-192:
Kp value:
   5D 63 0D B7 EF DE 37 DE 9C 92 03 C5 2B D9 6C 77
   31 BE 1C 5B DD 50 DC 75 44 D9 60 AF F3 CC 23 04
PRF output:
   01 72 03 F2 90 CD 16 6C D6 B2 BB 4F 18 7D 16 23
   6B 9A 4E D7 66 19 D8 11 6C 64 06 A3 37 E7 F9 08

On 7/5/14, 9:40 PM, "Benjamin Kaduk" <kaduk@MIT.EDU> wrote:

>On Wed, 2 Jul 2014, internet-drafts@ietf.org wrote:
>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> This draft is a work item of the Common Authentication Technology Next
>> Generation Working Group of the IETF.
>>
>>    Title    : AES Encryption with HMAC-SHA2 for Kerberos 5
>>    Authors  : Michael J. Jenkins
>>               Michael A. Peck
>>               Kelley W. Burgin
>>    Filename : draft-ietf-kitten-aes-cts-hmac-sha2-03.txt
>>    Pages    : 15
>>    Date     : 2014-07-02
>>
>> Abstract:
>>    This document specifies two encryption types and two corresponding
>>    checksum types for Kerberos 5. The new types use AES in CTS mode
>>    (CBC mode with ciphertext stealing) for confidentiality and HMAC with
>>    a SHA-2 hash for integrity.
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-kitten-aes-cts-hmac-sha2/
>>
>> There's also a htmlized version available at:
>> http://tools.ietf.org/html/draft-ietf-kitten-aes-cts-hmac-sha2-03
>>
>> A diff from the previous version is available at:
>> http://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-aes-cts-hmac-sha2-03
>
>The text changes look good to me; thanks.
>
>I would still like to have pseudo-random test vectors (though I do not
>think I will insist on it). I may try to find time to generate some.
>
>-Ben
>
>_______________________________________________
>Kitten mailing list
>Kitten@ietf.org
>https://www.ietf.org/mailman/listinfo/kitten
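
Added example, not part of the original message or of the draft: a Python check that re-derives Kc, Ke and Ki from the two base-keys and compares them with the values listed in the message. It assumes the KDF-HMAC-SHA2 construction as later published in RFC 8009 (counter 0x00000001, then the constant, a 0x00 octet, and the 32-bit output length in bits), which the message itself does not spell out; Kp and the PRF outputs are not checked because their construction is not given here.

```python
import hmac
import struct

def kdf_hmac_sha2(hash_name, key, label, k_bits):
    # Assumed construction (RFC 8009 section 3, no context):
    #   k-truncate(HMAC(key, 0x00000001 | label | 0x00 | k))
    # where k is the output length in bits as a 4-byte big-endian integer.
    msg = b"\x00\x00\x00\x01" + label + b"\x00" + struct.pack(">I", k_bits)
    return hmac.new(key, msg, hash_name).digest()[: k_bits // 8]

h = bytes.fromhex  # spaces between octets are ignored

# Copied from the message: enctype, hash, base-key,
# {key name: (last octet of the constant, output bits, expected value)}
VECTORS = [
    ("aes128-cts-hmac-sha256-128", "sha256",
     h("37 05 D9 60 80 C1 77 28 A0 E8 00 EA B6 E0 D2 3C"), {
        "Kc": (0x99, 128, h("B3 1A 01 8A 48 F5 47 76 F4 03 E9 A3 96 32 5D C3")),
        "Ke": (0xAA, 128, h("9B 19 7D D1 E8 C5 60 9D 6E 67 C3 E3 7C 62 C7 2E")),
        "Ki": (0x55, 128, h("9F DA 0E 56 AB 2D 85 E1 56 9A 68 86 96 C2 6A 6C")),
     }),
    ("aes256-cts-hmac-sha384-192", "sha384",
     h("6D 40 4D 37 FA F7 9F 9D F0 D3 35 68 D3 20 66 98"
       "00 EB 48 36 47 2E A8 A0 26 D1 6B 71 82 46 0C 52"), {
        "Kc": (0x99, 192, h("EF 57 18 BE 86 CC 84 96 3D 8B BB 50 31 E9 F5 C4"
                            "BA 41 F2 8F AF 69 E7 3D")),
        "Ke": (0xAA, 256, h("56 AB 22 BE E6 3D 82 D7 BC 52 27 F6 77 3F 8E A7"
                            "A5 EB 1C 82 51 60 C3 83 12 98 0C 44 2E 5C 7E 49")),
        "Ki": (0x55, 192, h("69 B1 65 14 E3 CD 8E 56 B8 20 10 D5 C7 30 12 B6"
                            "22 C4 D0 0F FC 23 ED 1F")),
     }),
]

def check_vectors(usage=2):
    """Return {(enctype, key name): True/False} for each listed value."""
    results = {}
    for enctype, hash_name, base_key, keys in VECTORS:
        for name, (suffix, bits, expected) in keys.items():
            # Constant = 4-byte big-endian key usage followed by one octet,
            # e.g. usage 2 with 0x99 gives 0x0000000299 as in the message.
            label = struct.pack(">IB", usage, suffix)
            derived = kdf_hmac_sha2(hash_name, base_key, label, bits)
            results[(enctype, name)] = hmac.compare_digest(derived, expected)
    return results

if __name__ == "__main__":
    for (enctype, name), ok in check_vectors().items():
        print(f"{enctype} {name}: {'match' if ok else 'MISMATCH'}")
```
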