IETF Logo Mail Archive

Re: [kitten] I-D Action: draft-ietf-kitten-aes-cts-hmac-sha2-10.txt

Luke Howard <lukeh@padl.com> Tue, 05 July 2016 23:55 UTC

Return-Path: <lukeh@padl.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F6DA12B00D for <kitten@ietfa.amsl.com>; Tue, 5 Jul 2016 16:55:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.327
X-Spam-Level:
X-Spam-Status: No, score=-3.327 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-1.426, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IJsBhd3Vig4N for <kitten@ietfa.amsl.com>; Tue, 5 Jul 2016 16:55:56 -0700 (PDT)
Received: from us.padl.com (us.padl.com [216.154.215.154]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D18212B02F for <kitten@ietf.org>; Tue, 5 Jul 2016 16:55:56 -0700 (PDT)
Received: by us.padl.com with ESMTP id u65Ntp5B019749; Tue, 5 Jul 2016 19:55:53 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_2BE4811A-95C2-4A3D-A71C-8B56B237B657"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Luke Howard <lukeh@padl.com>
In-Reply-To: <CAC2=hnesVvpTPNBxz8MCMq_UCbmecVUHCFKkQ7q7RxH+uHNpRQ@mail.gmail.com>
Date: Wed, 06 Jul 2016 09:55:50 +1000
Message-Id: <27A0CA43-3608-4CB0-88B6-F4B9F6021510@padl.com>
References: <20160705180040.22387.60767.idtracker@ietfa.amsl.com> <CAC2=hnesVvpTPNBxz8MCMq_UCbmecVUHCFKkQ7q7RxH+uHNpRQ@mail.gmail.com>
To: Michael Jenkins <m.jenkins.364706@gmail.com>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/umMb-FINqtxTHKrKn-tzVvvmYsc>
Cc: "kitten@ietf.org" <kitten@ietf.org>
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-aes-cts-hmac-sha2-10.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jul 2016 23:55:58 -0000

Updated aes-cts-hmac-sha2 branch of Heimdal.

> On 6 Jul 2016, at 5:55 AM, Michael Jenkins <m.jenkins.364706@gmail.com> wrote:
> 
> The new draft-ietf-kitten-aes-cts-hmac-sha2 includes changes for all of Ben's comments. As for the KDF, we looked at both simply inserting a 0x00 between the "prf" and the octet string (leaving the extra 0x00 before the length bits intact), and fixing the KDF so that the prf was computed the same way as any other KDF. So in the end we decided that the cleanest and least likely to confuse option was to fix the KDF definition in Section 3 by adding an optional context field.
> 
> Mike J
> 
> On Tue, Jul 5, 2016 at 2:00 PM, <internet-drafts@ietf.org <mailto:internet-drafts@ietf.org>> wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Common Authentication Technology Next Generation of the IETF.
> 
>         Title           : AES Encryption with HMAC-SHA2 for Kerberos 5
>         Authors         : Michael J. Jenkins
>                           Michael A. Peck
>                           Kelley W. Burgin
>         Filename        : draft-ietf-kitten-aes-cts-hmac-sha2-10.txt
>         Pages           : 17
>         Date            : 2016-07-05
> 
> Abstract:
>    This document specifies two encryption types and two corresponding
>    checksum types for Kerberos 5.  The new types use AES in CTS mode
>    (CBC mode with ciphertext stealing) for confidentiality and HMAC with
>    a SHA-2 hash for integrity.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-kitten-aes-cts-hmac-sha2/ <https://datatracker.ietf.org/doc/draft-ietf-kitten-aes-cts-hmac-sha2/>
> 
> There's also a htmlized version available at:
> https://tools.ietf.org/html/draft-ietf-kitten-aes-cts-hmac-sha2-10 <https://tools.ietf.org/html/draft-ietf-kitten-aes-cts-hmac-sha2-10>
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-aes-cts-hmac-sha2-10 <https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-aes-cts-hmac-sha2-10>
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org <http://tools.ietf.org/>.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/ <ftp://ftp.ietf.org/internet-drafts/>
> 
> _______________________________________________
> Kitten mailing list
> Kitten@ietf.org <mailto:Kitten@ietf.org>
> https://www.ietf.org/mailman/listinfo/kitten <https://www.ietf.org/mailman/listinfo/kitten>
> 
> 
> 
> -- 
> Mike Jenkins
> mjjenki@tycho.ncsc.mil <mailto:mjjenki@tycho.ncsc.mil> - if you want me to read it only at my desk
> m.jenkins.364706@gmail.com <mailto:m.jenkins.364706@gmail.com> - to read everywhere
> 443-634-3951 <tel:443-634-3951>_______________________________________________
> Kitten mailing list
> Kitten@ietf.org
> https://www.ietf.org/mailman/listinfo/kitten

--
www.lukehoward.com
soundcloud.com/lukehoward

v2.23.0 | Report a Bug | By Email