Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis

Peter Gutmann <pgut001@cs.auckland.ac.nz> Fri, 27 October 2017 08:46 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Werner Koch <wk@gnupg.org>, Paul Wouters <paul@nohats.ca>
CC: Ronald Tse <tse@ribose.com>, "openpgp@ietf.org" <openpgp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/sj70dSrNmKGtPR1IMlv-zNn6NZY>

Werner Koch <wk@gnupg.org> writes:

>rfc2440 and rfc4880 both included IDEA as a SHOULD algorithm despite that
>IDEA was patent encumbered.  Also RSA was patent encumbered when 2440 was
>published and nevertheless a SHOULD algorithm.

They were there because there wasn't much choice.  PGP 2.0 used IDEA and RSA,
so it had to be kept around for future versions, although it was only a
SHOULD, not a MUST.  With OCB in contrast you're introducing a new patent-
encumbered algorithm for no obvious reason.

If you really want the protection that OCB offers then encrypt-then-MAC is a
totally unencumbered way of doing the same thing.  It's been in S/MIME for
years.

Peter.