Re: [kitten] I-D Action: draft-ietf-kitten-aes-cts-hmac-sha2-10.txt
Benjamin Kaduk <kaduk@MIT.EDU> Wed, 06 July 2016 20:45 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBC4012D67B for <kitten@ietfa.amsl.com>; Wed, 6 Jul 2016 13:45:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.627
X-Spam-Level:
X-Spam-Status: No, score=-5.627 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2U5ybptzFiv0 for <kitten@ietfa.amsl.com>; Wed, 6 Jul 2016 13:45:32 -0700 (PDT)
Received: from dmz-mailsec-scanner-8.mit.edu (dmz-mailsec-scanner-8.mit.edu [18.7.68.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5FA7A12D66E for <kitten@ietf.org>; Wed, 6 Jul 2016 13:45:32 -0700 (PDT)
X-AuditID: 12074425-867ff700000015c6-30-577d6de90ef8
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by (Symantec Messaging Gateway) with SMTP id D5.E3.05574.AED6D775; Wed, 6 Jul 2016 16:45:30 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id u66KjTux032738; Wed, 6 Jul 2016 16:45:29 -0400
Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id u66KjQ2K030477 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 6 Jul 2016 16:45:29 -0400
Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id u66KjQ9k029660; Wed, 6 Jul 2016 16:45:26 -0400 (EDT)
Date: Wed, 06 Jul 2016 16:45:25 -0400
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: Michael Jenkins <m.jenkins.364706@gmail.com>
In-Reply-To: <CAC2=hnesVvpTPNBxz8MCMq_UCbmecVUHCFKkQ7q7RxH+uHNpRQ@mail.gmail.com>
Message-ID: <alpine.GSO.1.10.1607061644040.5272@multics.mit.edu>
References: <20160705180040.22387.60767.idtracker@ietfa.amsl.com> <CAC2=hnesVvpTPNBxz8MCMq_UCbmecVUHCFKkQ7q7RxH+uHNpRQ@mail.gmail.com>
User-Agent: Alpine 1.10 (GSO 962 2008-03-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrIIsWRmVeSWpSXmKPExsUixG6nrvsqtzbc4PYdE4ujm1exWCz7dpXN gclj56y77B5LlvxkCmCK4rJJSc3JLEst0rdL4Mp4cu0Oe8EPkYqvqw+yNzB+4O9i5OSQEDCR 2PhoDWsXIxeHkEAbk8S/s/PYIJwNjBLbu+4xQTgHmSQ+L5nA0sXIAeTUS6x8wwXSzSKgJbFk 9URGEJtNQEVi5puNbCC2iICBxKJJ68BsZgFhifXnZjCD2MICfhKHtnWxgNicAoESc7t3sYPY vAIOEs/nNcNcwSixcfN1VpCEqICOxOr9U1ggigQlTs58wgIxVEti+fRtLBMYBWYhSc1CklrA yLSKUTYlt0o3NzEzpzg1Wbc4OTEvL7VI10IvN7NELzWldBMjOCRdVHcwzvnrdYhRgINRiYd3 wvPqcCHWxLLiytxDjJIcTEqivCzfgEJ8SfkplRmJxRnxRaU5qcWHGCU4mJVEeGdk14YL8aYk VlalFuXDpKQ5WJTEeRkZGBiEBNITS1KzU1MLUotgsjIcHEoSvB9ygBoFi1LTUyvSMnNKENJM HJwgw3mAhr8AqeEtLkjMLc5Mh8ifYlSUEud9CLJVACSRUZoH1wtOGbuZVF8xigO9Isw7FaSd B5hu4LpfAQ1mAhr806UaZHBJIkJKqoFxYZ0yS05UsuadrHVnOi/7CEiHvo0673plGdPDgmSr +4ZRkqFdC9jbvpvI5ljZnW1ZLr080+XW0qfCC0+1ymifWOG8Pf/EjT/PY5LqVFzEVzuxHNub VZks9nq6gpuy18MPdqlnP81YLxO6v08gPqFfNeOer2De9kW5j79r3HzY1MdYqa529ZsSS3FG oqEWc1FxIgA97b7K9AIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/gq9Y9gnbLbzhPipqn5x8wvu88ac>
Cc: kitten@ietf.org
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-aes-cts-hmac-sha2-10.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jul 2016 20:45:35 -0000
The changes look good, thanks for putting them together so quickly. Also thanks to Luke and Greg for updating implementations and re-verifying test vectors. -Ben On Tue, 5 Jul 2016, Michael Jenkins wrote: > The new draft-ietf-kitten-aes-cts-hmac-sha2 includes changes for all of > Ben's comments. As for the KDF, we looked at both simply inserting a 0x00 > between the "prf" and the octet string (leaving the extra 0x00 before the > length bits intact), and fixing the KDF so that the prf was computed the > same way as any other KDF. So in the end we decided that the cleanest and > least likely to confuse option was to fix the KDF definition in Section 3 > by adding an optional context field. > > Mike J > > On Tue, Jul 5, 2016 at 2:00 PM, <internet-drafts@ietf.org> wrote: > > > > > A New Internet-Draft is available from the on-line Internet-Drafts > > directories. > > This draft is a work item of the Common Authentication Technology Next > > Generation of the IETF. > > > > Title : AES Encryption with HMAC-SHA2 for Kerberos 5 > > Authors : Michael J. Jenkins > > Michael A. Peck > > Kelley W. Burgin > > Filename : draft-ietf-kitten-aes-cts-hmac-sha2-10.txt > > Pages : 17 > > Date : 2016-07-05 > > > > Abstract: > > This document specifies two encryption types and two corresponding > > checksum types for Kerberos 5. The new types use AES in CTS mode > > (CBC mode with ciphertext stealing) for confidentiality and HMAC with > > a SHA-2 hash for integrity. > > > > > > The IETF datatracker status page for this draft is: > > https://datatracker.ietf.org/doc/draft-ietf-kitten-aes-cts-hmac-sha2/ > > > > There's also a htmlized version available at: > > https://tools.ietf.org/html/draft-ietf-kitten-aes-cts-hmac-sha2-10 > > > > A diff from the previous version is available at: > > https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-aes-cts-hmac-sha2-10 > > > > > > Please note that it may take a couple of minutes from the time of > > submission > > until the htmlized version and diff are available at tools.ietf.org. > > > > Internet-Drafts are also available by anonymous FTP at: > > ftp://ftp.ietf.org/internet-drafts/ > > > > _______________________________________________ > > Kitten mailing list > > Kitten@ietf.org > > https://www.ietf.org/mailman/listinfo/kitten > > > > > > -- > Mike Jenkins > mjjenki@tycho.ncsc.mil - if you want me to read it only at my desk > m.jenkins.364706@gmail.com - to read everywhere > 443-634-3951 >
- Re: [kitten] I-D Action: draft-ietf-kitten-aes-ct… Benjamin Kaduk
- Re: [kitten] I-D Action: draft-ietf-kitten-aes-ct… Greg Hudson
- Re: [kitten] I-D Action: draft-ietf-kitten-aes-ct… Luke Howard
- Re: [kitten] I-D Action: draft-ietf-kitten-aes-ct… Michael Jenkins
- [kitten] I-D Action: draft-ietf-kitten-aes-cts-hm… internet-drafts