Re: [kitten] [EXTERNAL] Re: Question about AES mode in Kerberos
Luke Howard Bentata <lukeh@padl.com> Wed, 04 January 2023 23:16 UTC
Return-Path: <lukeh@padl.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4DB0FC14F721; Wed, 4 Jan 2023 15:16:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.096
X-Spam-Level:
X-Spam-Status: No, score=-7.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=padl.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q_MdacRu7dEW; Wed, 4 Jan 2023 15:16:40 -0800 (PST)
Received: from us.padl.com (us.padl.com [216.154.215.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AF049C14F6E7; Wed, 4 Jan 2023 15:16:39 -0800 (PST)
Received: from auth (localhost [127.0.0.1]) by us.padl.com (8.14.7/8.14.7) with ESMTP id 304NGY9s003660 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 4 Jan 2023 23:16:37 GMT
DKIM-Filter: OpenDKIM Filter v2.11.0 us.padl.com 304NGY9s003660
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=padl.com; s=default; t=1672874198; bh=WHg1GGGl2Ew+GBoOqN1y9wHDvjn97amibwOHkYwIlWU=; h=From:Subject:Date:In-Reply-To:Cc:To:References:From; b=1mhT+dAoQH9S7jmEUeNVMT2ujBXyX5B4c5HyAXIzGkZI++4z+QymHowhxZf5n2Mu9 YIbZiJCAAWVnAyMRzNylLMH/izZ8ny1NciRpxnwj/NRtLO8LutH4soZthiLi66xNgk 3Q/dAFJxSeQMy+4SgQmrHnQO4nD7Uby9P9pBp1rbrKssNeCS6OcdJhGJHfkVopJ7Tm W8yc5Q/VmTjrOxrnoGoBhNNWOGKfwr8DqVm/7F1pxJGryIEJmALoR02R6lKMdZsE1+ EmH9NsS9c0j2k/A2moKc8jtupxRBdyQhkbNjzLC4ggsSqVegJOIIq/MjheNOP5ejEX VxPnG2nSlObvw==
From: Luke Howard Bentata <lukeh@padl.com>
Message-Id: <ADBB6924-B86B-46D9-905A-0D11252C7D44@padl.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_FC5527B9-BA64-4E40-B0D4-D4498CF9A100"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.200.110.1.12\))
Date: Thu, 05 Jan 2023 10:16:23 +1100
In-Reply-To: <MW4PR21MB1970DE557EECC969FA3F54EB9CF59@MW4PR21MB1970.namprd21.prod.outlook.com>
Cc: Olga Kornievskaia <aglo@umich.edu>, "kitten@ietf.org" <kitten@ietf.org>
To: "Steve Syfuhs (AP)" <Steve.Syfuhs=40microsoft.com@dmarc.ietf.org>
References: <CAN-5tyGGJXoo9RfKEGTsk8XeQDpZ--VSnO7nunzvnBBzrRB0WQ@mail.gmail.com> <558f31de-7fac-26c7-fe81-8e486968f0ef@secure-endpoints.com> <CAN-5tyGMpwTCpo9cm25RuB4n8moOoiU35PrE4HRK+Yini=Lp8A@mail.gmail.com> <912e61a5-192c-626f-0a36-7001b567c212@secure-endpoints.com> <MW4PR21MB1970A436FA5DF2E76F815DFC9CF49@MW4PR21MB1970.namprd21.prod.outlook.com> <CAN-5tyE819exSnenGGiJo1f38EfAhnO99Pv2cq2C3rjF1b-LSg@mail.gmail.com> <MW4PR21MB1970DE557EECC969FA3F54EB9CF59@MW4PR21MB1970.namprd21.prod.outlook.com>
X-Mailer: Apple Mail (2.3731.200.110.1.12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/4SyOTM0EUKeS_JGtCh8YSmq0Als>
Subject: Re: [kitten] [EXTERNAL] Re: Question about AES mode in Kerberos
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2023 23:16:45 -0000
Well, SMB 3.1.1 uses AES-256-GCM and AES-256-CCM ;) https://learn.microsoft.com/en-us/windows-server/storage/file-server/smb-security > On 5 Jan 2023, at 3:49 am, Steve Syfuhs (AP) <Steve.Syfuhs=40microsoft.com@dmarc.ietf.org> wrote: > > Well, that's ultimately the question for a performance profiler to answer: does it even need offloading? > > CPU AES instructions can do CBC rather cheaply.
- [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Jeffrey Altman
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Jeffrey Altman
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Steve Syfuhs (AP)
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Paul Miller (NT)
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Olga Kornievskaia
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Ken Hornstein
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Greg Hudson
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Greg Hudson
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Nico Williams
- Re: [kitten] Question about AES mode in Kerberos Nico Williams
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Nico Williams
- Re: [kitten] Question about AES mode in Kerberos Nico Williams
- Re: [kitten] Question about AES mode in Kerberos Nico Williams
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata