Re: [kitten] WGLC on draft-ietf-kitten-aes-cts-hmac-sha2-06

Jeffrey Altman <jaltman@secure-endpoints.com> Mon, 20 April 2015 15:15 UTC

Message-ID: <553517F8.5060108@secure-endpoints.com>
Date: Mon, 20 Apr 2015 11:15:04 -0400
From: Jeffrey Altman <jaltman@secure-endpoints.com>
Organization: Secure Endpoints Inc.
To: Benjamin Kaduk <kaduk@MIT.EDU>, kitten@ietf.org
References: <alpine.GSO.1.10.1503301227280.22210@multics.mit.edu> <alpine.GSO.1.10.1504171407190.22210@multics.mit.edu>
In-Reply-To: <alpine.GSO.1.10.1504171407190.22210@multics.mit.edu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/G3VKWA3wC2my1DcgrYBLHflfsdk>
Subject: Re: [kitten] WGLC on draft-ietf-kitten-aes-cts-hmac-sha2-06

On 4/17/2015 5:23 PM, Benjamin Kaduk wrote:
> We got a number of comments and questions in this last call.  I will try
> to summarize them and the response to them, below.  Please let me know if
> I have missed something or inaccurately represented someone's statements.


> * Jeff A. asked if we have independent cryptographic review
> 
> Nico and I claim that we are using well-understood building blocks in
> well-understood ways, and no additional review is needed.  Jeff A. has not
> had a chance to reply to these claims yet.

I am happy with the current level of review activity.

> 
> * Jeff A. cares strongly about interoperability and test vector
> verification.
> 
> Greg and Weijun have published python and java code respectively, which
> verify the test vectors, but are not quite enough for interoperability
> testing (?).  The authors had java and python implementations to verify
> the test vectors, which are not (?) published.  I claim this is sufficient
> for now, and Jeff A. has not had a chance to reply yet.

I care enough about interoperability that I have agreed to fund an
implementation for Heimdal.  I would like to see someone commit to a
second implementation.

> * Michael plans to update the draft in response to comments, and expand
> the test vectors.
> 
> There is much rejoicing.

Thank you.

> =======================================================
> 
> That seems to leave us with the following action items:
> 
> For the document editor:
> * remove truncation from the PRF output and use the natural hash output
> length
> * remove the use of random-to-key() and discussion of constant values from
> section 3
> * add an output length argument to KDF-HMAC-SHA2() and adjust text
> accordingly
> * update test vectors to include base keys and key usage values for all
> test cases
> * reword the text discussing aes256 with 192-bit keys
> 
> For Jeffrey Altman:
> * comment about the status of the crypto review and the interoperability
> testing in light of other comments that have come in on those points.

Done.
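Two of the editor's action items above concern the shape of the key derivation function: giving KDF-HMAC-SHA2() an explicit output-length argument, and letting the PRF return the natural hash output length instead of a truncated value. The following is an added worked example, not code from this thread, from the -06 draft or from the Heimdal work mentioned above. It implements the construction as it was later published in RFC 8009 (the successor of the draft under last call); the -06 text differs in exactly the points the action items list, so do not read this as a description of -06. The enctype table, the sample base key and the key usage number are constructed for the example.

```python
"""KDF-HMAC-SHA2 with an explicit output-length argument k (RFC 8009 form).

Added example for the WGLC discussion above; not the draft's own code.
The sample inputs below are constructed for this example and are not the
draft's test vectors.
"""
import hashlib
import hmac
import struct

# One-octet label suffixes for the three derived keys (RFC 8009 section 3).
KC_SUFFIX = b"\x99"   # checksum key
KE_SUFFIX = b"\xaa"   # encryption key
KI_SUFFIX = b"\x55"   # integrity key

# Per-enctype parameters: (hash, Kc bits, Ke bits, Ki bits).
# aes256-cts-hmac-sha384-192 pairs a 256-bit AES key with 192-bit Kc and Ki,
# which is the "aes256 with 192-bit keys" wording the action items refer to.
ENCTYPES = {
    "aes128-cts-hmac-sha256-128": ("sha256", 128, 128, 128),
    "aes256-cts-hmac-sha384-192": ("sha384", 192, 256, 192),
}


def kdf_hmac_sha2(key, label, k, context=b"", hash_name="sha256"):
    """KDF-HMAC-SHA2(key, label, [context,] k), RFC 8009 section 3:

        K1     = HMAC-SHA-256/384(key, 0x00000001 | label | 0x00 | context | k)
        output = truncate(K1, k)

    k is the requested output length in bits. It is encoded as a 4-octet
    big-endian integer inside the HMAC input, so it is not merely a truncation
    parameter: requesting a different k changes every output octet, and a
    128-bit output is not a prefix of the 256-bit output for the same label.
    """
    if k <= 0 or k % 8:
        raise ValueError("k must be a positive multiple of 8 bits")
    if k // 8 > hashlib.new(hash_name).digest_size:
        # RFC 8009 never asks for more than one HMAC output, so no counter loop.
        raise ValueError("k exceeds a single HMAC output for this hash")
    data = struct.pack(">I", 1) + label + b"\x00" + context + struct.pack(">I", k)
    k1 = hmac.new(key, data, hash_name).digest()
    return k1[: k // 8]


def derive_keys(base_key, usage, enctype):
    """Derive Kc, Ke and Ki from a base key and a 32-bit key usage number.

    RFC 8009: Kc = KDF-HMAC-SHA2(base-key, usage | 0x99, kc_bits), and
    likewise Ke with 0xAA and Ki with 0x55; usage is big-endian, context empty.
    """
    hash_name, kc_bits, ke_bits, ki_bits = ENCTYPES[enctype]
    usage_octets = struct.pack(">I", usage)
    return {
        "Kc": kdf_hmac_sha2(base_key, usage_octets + KC_SUFFIX, kc_bits, hash_name=hash_name),
        "Ke": kdf_hmac_sha2(base_key, usage_octets + KE_SUFFIX, ke_bits, hash_name=hash_name),
        "Ki": kdf_hmac_sha2(base_key, usage_octets + KI_SUFFIX, ki_bits, hash_name=hash_name),
    }


def prf(base_key, octet_string, enctype):
    """PRF(base-key, octet-string) at the natural hash output length.

    RFC 8009 uses KDF-HMAC-SHA2(base-key, "prf", octet-string, 256) for the
    SHA-256 enctype and 384 for the SHA-384 one, i.e. no truncation below the
    hash length, which is what the first action item asks for.
    """
    hash_name = ENCTYPES[enctype][0]
    bits = hashlib.new(hash_name).digest_size * 8
    return kdf_hmac_sha2(base_key, b"prf", bits, context=octet_string, hash_name=hash_name)


if __name__ == "__main__":
    # Constructed sample input, not a draft test vector.
    base_key = bytes(range(16))
    for name, derived in derive_keys(base_key, 2, "aes128-cts-hmac-sha256-128").items():
        print(name, derived.hex())
    print("PRF", prf(base_key, b"test", "aes128-cts-hmac-sha256-128").hex())
```

Before relying on any such implementation for interoperability, check it against the base-key, key-usage and Kc/Ke/Ki vectors in the appendix of the published document rather than against another implementation of the same reading of the text; the point of including base keys and key usage values in every test case, as the action items request, is that the derivation itself, not only the ciphertext, becomes independently verifiable.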