Re: [Ntp] WGLC for draft-ietf-ntp-mac

Harlan Stenn <stenn@nwtime.org> Thu, 01 March 2018 12:57 UTC

To: ntp@ietf.org
References: <CF57EAFE-31F0-4ADD-A209-1802DB6CA643@isoc.org> <20180227230925.GJ33838@mvangund-retina.ddns.asig.cisco.com> <E1er18d-00029p-Li@stenn.ntp.org> <CAJm83bBVoYrYpEe+BHsUiRCzeR+C5Ui3G9MH1myHj8i7=GWU-A@mail.gmail.com>
From: Harlan Stenn <stenn@nwtime.org>
Message-ID: <c56584e2-3ef1-6eef-2517-d113c1bd6190@nwtime.org>
Date: Thu, 01 Mar 2018 04:57:13 -0800
In-Reply-To: <CAJm83bBVoYrYpEe+BHsUiRCzeR+C5Ui3G9MH1myHj8i7=GWU-A@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/warWnIXUyXWldKET8WQB-iQaacU>
Subject: Re: [Ntp] WGLC for draft-ietf-ntp-mac


On 2/28/18 5:51 AM, Daniel Franke wrote:
> The block size of AES is 128 bits, regardless of whether a 128- or 256-bit
> key is used, and therefore the output of AES-CMAC is always 128 bits.
> 160-bit digests are already supported by RFC7822, but there's no way to
> make AES-CMAC produce one.

OK, thanks - this is what I get for reading things in a hurry.

Is this even an issue then?  The reference implementation has long
supported any digest algorithm provided by the crypto libraries it was
linked with.

OK, it is an issue in that AES-CMAC is not a digest that is provided by
OpenSSL - we have to use a wrapper to get the signature.

H
--
> On Feb 28, 2018 7:47 AM, "Harlan Stenn" <stenn@ntp.org> wrote:
> 
>> Most everybody seems to think that 160 bits of digest is all that will
>> ever be needed.
>>
>> I'm perfectly happy making sure longer digests are supported.
>> -- Harlan Stenn <stenn@ntp.org>
>> http://networktimefoundation.org - be a member!

-- 
Harlan Stenn <stenn@nwtime.org>
http://networktimefoundation.org - be a member!