Re: [kitten] I-D Action: draft-ietf-kitten-aes-cts-hmac-sha2-10.txt
Michael Jenkins <m.jenkins.364706@gmail.com> Tue, 05 July 2016 19:55 UTC
Return-Path: <m.jenkins.364706@gmail.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E14D12D50B for <kitten@ietfa.amsl.com>; Tue, 5 Jul 2016 12:55:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.449
X-Spam-Level:
X-Spam-Status: No, score=-2.449 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0B9X-EfiQ6hU for <kitten@ietfa.amsl.com>; Tue, 5 Jul 2016 12:55:03 -0700 (PDT)
Received: from mail-lf0-x233.google.com (mail-lf0-x233.google.com [IPv6:2a00:1450:4010:c07::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A6A112D583 for <kitten@ietf.org>; Tue, 5 Jul 2016 12:55:03 -0700 (PDT)
Received: by mail-lf0-x233.google.com with SMTP id l188so141602767lfe.2 for <kitten@ietf.org>; Tue, 05 Jul 2016 12:55:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=zs0diCQlMBWKUT0Qii7iux8jxAk6uGl0cBujvmqM+Dc=; b=rPad65A5G9aQSgp/18X2Yb/NinyJt2OJBxtp3TGJrfLuS5SF/UgdMUCezSwSFjklKq uDuY1Bsq6Yva2omae4xEshqLuW2gdLuHA+3XrIZDCLohrtIN6VIFW5cyvAS/IlHPwnRC sU+VGmE5atmlQUzIoKcRtBoxhOpPqLrbrcaB+YO1utWx+aKgZPMa6L96ZGoVEmIxgs8h IHixpr1rbs9ntxQet2hgbIy2zEVqLAxAjKf5GNmgEkTBGx5Vc4qV3IhZd8fspbEsd/6J vz1luOPW4f0AoyJiQpw1epmX5stfRTMtTjSWFqJlvKqnWgMa2P6461fCsu1GVfSRt0Zh d2KQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=zs0diCQlMBWKUT0Qii7iux8jxAk6uGl0cBujvmqM+Dc=; b=HNchGKjTo+M/yCxpM6l6W9A5FQwuQleuhGLht8CGutNJIl9CVfBpENPnlHVGUkMJuD eV5aDKhRSpR6I2rq2Cf2IKJIIKjocjDSTfmXvL8LzuxAi3DNhLE31VbvkGv4HI7rSpv6 sucM7870fMJse8yTFJ0W+QcpF5Bhn1FuJeYovyDZoLVnBXSPT7unZzTvNLrT88uDIIOB ACDis8WzzsP6/QI708I6u0gEdnPz6WOax0w+5/wMw2A11Elhx2iaDMfpv3R6ubAc67k5 TaD2z2xRMzcjmCv0Uw8Ns6fhTa74SgCcPvdsOfjI4fpbuFytXX0B7o4IzVnVFqaPjAcO lzHg==
X-Gm-Message-State: ALyK8tIxPBwreyu+vNmsxiVX9dGf+MXizPqlHM5Sjb7LBEVuCGJ5NkoqLMavf2Bxh44uHk/Cb35imodmL//WBg==
X-Received: by 10.25.84.65 with SMTP id i62mr5562775lfb.88.1467748501126; Tue, 05 Jul 2016 12:55:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.141.132 with HTTP; Tue, 5 Jul 2016 12:55:00 -0700 (PDT)
In-Reply-To: <20160705180040.22387.60767.idtracker@ietfa.amsl.com>
References: <20160705180040.22387.60767.idtracker@ietfa.amsl.com>
From: Michael Jenkins <m.jenkins.364706@gmail.com>
Date: Tue, 05 Jul 2016 15:55:00 -0400
Message-ID: <CAC2=hnesVvpTPNBxz8MCMq_UCbmecVUHCFKkQ7q7RxH+uHNpRQ@mail.gmail.com>
To: kitten@ietf.org
Content-Type: multipart/alternative; boundary="001a11411f280783bf0536e8d44e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/OIstPhnQ21yhEWPD38fEqfzFtv4>
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-aes-cts-hmac-sha2-10.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jul 2016 19:55:08 -0000
The new draft-ietf-kitten-aes-cts-hmac-sha2 includes changes for all of Ben's comments. As for the KDF, we looked at both simply inserting a 0x00 between the "prf" and the octet string (leaving the extra 0x00 before the length bits intact), and fixing the KDF so that the prf was computed the same way as any other KDF. So in the end we decided that the cleanest and least likely to confuse option was to fix the KDF definition in Section 3 by adding an optional context field. Mike J On Tue, Jul 5, 2016 at 2:00 PM, <internet-drafts@ietf.org> wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Common Authentication Technology Next > Generation of the IETF. > > Title : AES Encryption with HMAC-SHA2 for Kerberos 5 > Authors : Michael J. Jenkins > Michael A. Peck > Kelley W. Burgin > Filename : draft-ietf-kitten-aes-cts-hmac-sha2-10.txt > Pages : 17 > Date : 2016-07-05 > > Abstract: > This document specifies two encryption types and two corresponding > checksum types for Kerberos 5. The new types use AES in CTS mode > (CBC mode with ciphertext stealing) for confidentiality and HMAC with > a SHA-2 hash for integrity. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-kitten-aes-cts-hmac-sha2/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-kitten-aes-cts-hmac-sha2-10 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-aes-cts-hmac-sha2-10 > > > Please note that it may take a couple of minutes from the time of > submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > Kitten mailing list > Kitten@ietf.org > https://www.ietf.org/mailman/listinfo/kitten > -- Mike Jenkins mjjenki@tycho.ncsc.mil - if you want me to read it only at my desk m.jenkins.364706@gmail.com - to read everywhere 443-634-3951
- Re: [kitten] I-D Action: draft-ietf-kitten-aes-ct… Benjamin Kaduk
- Re: [kitten] I-D Action: draft-ietf-kitten-aes-ct… Greg Hudson
- Re: [kitten] I-D Action: draft-ietf-kitten-aes-ct… Luke Howard
- Re: [kitten] I-D Action: draft-ietf-kitten-aes-ct… Michael Jenkins
- [kitten] I-D Action: draft-ietf-kitten-aes-cts-hm… internet-drafts