Re: [lamps] draft-housley-lamps-cms-aes-mac-alg-00 Section 7

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Tue, 24 November 2020 07:12 UTC

From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Russ Housley <housley@vigilsec.com>
CC: LAMPS <spasm@ietf.org>, "hans.aschauer@siemens.com" <hans.aschauer@siemens.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/nxc1fgDNddJOL9TxQ-IRvhuLmSs>

The goal was to make the consequences more explicit.
Hendrik

> From: Russ Housley <housley@vigilsec.com>
> Sent: Monday, 23 November 2020 19:02
> 
> Section 3.1 says: Within the scope of any content-authentication key, the
> nonce value MUST be unique.
> 
> I agree that the Security Considerations should also talk about the
> consequences of reusing a nonce value.
> 
> Russ
> 
> 
> > On Nov 23, 2020, at 12:36 PM, Brockhaus, Hendrik <hendrik.brockhaus@siemens.com> wrote:
> >
> > Hi Russ
> >
> > As in AES-GMAC the uniqueness of the nonce is crucial, I want to propose to add the following text in Section 7 right before the last paragraph.
> > "Implementations must generate nonce values which must be unique for a given message-authentication key. Repeating a nonce value only once allows an attacker to generate valid AES-GMAC authentication codes for arbitrary messages, which results in no security of the authentication code (see [GCM], Appendix A)."
> >
> > Maybe it is also of value to add this in Section 5 of draft-housley-lamps-crmf-update-algs as well.
> >
> > Hendrik
> >
> >
> > Hendrik Brockhaus
> > Siemens AG
> > T RDA CST SEA-DE
> > mailto:hendrik.brockhaus@siemens.com
> >
> > http://www.siemens.com/
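Hendrik's proposed text states that a single repeated nonce lets an attacker produce valid AES-GMAC tags for arbitrary messages ([GCM], Appendix A). The following is an added worked example of that consequence; it is not code from the draft or from anyone in this thread. GHASH and the GF(2^128) arithmetic are the ones from NIST SP 800-38D, while AES is stood in for by HMAC-SHA256 (`_stand_in_block_cipher`, an assumption made so the block runs offline; the attack never calls the cipher, it only consumes tags). The key, nonce and messages are constructed, full 128-bit tags are assumed, and the two observed messages are restricted to one 16-byte block each so that the length terms cancel and H is recovered with one division and one square root; with messages of different lengths the recovery becomes the polynomial root-finding problem described in [GCM], Appendix A.

```python
"""Added example (not from the draft or this thread): what one repeated nonce
costs in AES-GMAC.  GHASH and the GF(2^128) arithmetic follow NIST SP 800-38D;
AES itself is replaced by an HMAC-SHA256 stand-in, because the attack only
consumes tags and never touches the block cipher.  Full 128-bit tags assumed."""
import hashlib
import hmac
import secrets

R = 0xE1000000000000000000000000000000  # reduction constant, GCM bit order
ONE = 1 << 127                         # the field element 1 in GCM bit order


def gf_mul(x: int, y: int) -> int:
    """GF(2^128) multiplication, SP 800-38D Algorithm 1 (bit 0 is the MSB)."""
    z, v = 0, y
    for i in range(128):
        if (x >> (127 - i)) & 1:
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z


def gf_pow(x: int, e: int) -> int:
    """Square-and-multiply exponentiation in GF(2^128)."""
    r = ONE
    while e:
        if e & 1:
            r = gf_mul(r, x)
        x = gf_mul(x, x)
        e >>= 1
    return r


def gf_inv(x: int) -> int:
    return gf_pow(x, (1 << 128) - 2)      # x^(2^128 - 2) = x^-1


def gf_sqrt(x: int) -> int:
    return gf_pow(x, 1 << 127)            # squaring is a bijection in char 2


def ghash(H: int, aad: bytes) -> int:
    """GHASH_H(A, C) with C empty: the blocks of A, then [len(A)]64 || [len(C)]64."""
    y = 0
    padded = aad + bytes((16 - len(aad) % 16) % 16)
    for i in range(0, len(padded), 16):
        y = gf_mul(y ^ int.from_bytes(padded[i:i + 16], "big"), H)
    return gf_mul(y ^ ((len(aad) * 8) << 64), H)


def _stand_in_block_cipher(key: bytes, block: bytes) -> bytes:
    """Stand-in for AES-128(key, block); assumption: any keyed 128-bit PRF works here."""
    return hmac.new(key, block, hashlib.sha256).digest()[:16]


def derive_secrets(key: bytes, nonce: bytes):
    """The two values GMAC needs from the cipher: H = E_K(0^128) and the mask E_K(J0)."""
    assert len(nonce) == 12
    H = int.from_bytes(_stand_in_block_cipher(key, bytes(16)), "big")
    mask = int.from_bytes(_stand_in_block_cipher(key, nonce + b"\x00\x00\x00\x01"), "big")
    return H, mask


def gmac_tag(key: bytes, nonce: bytes, aad: bytes) -> bytes:
    """GMAC with a 96-bit nonce: tag = GHASH_H(aad) xor E_K(J0)."""
    H, mask = derive_secrets(key, nonce)
    return (ghash(H, aad) ^ mask).to_bytes(16, "big")


def recover_from_nonce_reuse(a1: bytes, t1: bytes, a2: bytes, t2: bytes):
    """Two single-block messages MACed under the same key and nonce.  Equal
    lengths make the length terms cancel: T1 ^ T2 = (A1 ^ A2) * H^2, so H is
    one division and one square root away; the mask then falls out of T1."""
    assert len(a1) == len(a2) == 16 and a1 != a2
    A1, A2 = int.from_bytes(a1, "big"), int.from_bytes(a2, "big")
    T1, T2 = int.from_bytes(t1, "big"), int.from_bytes(t2, "big")
    H = gf_sqrt(gf_mul(T1 ^ T2, gf_inv(A1 ^ A2)))
    return H, T1 ^ ghash(H, a1)


def forge_tag(H: int, mask: int, aad: bytes) -> bytes:
    """Valid tag for a message of any length under the recovered H and mask."""
    return (ghash(H, aad) ^ mask).to_bytes(16, "big")


def nonce_reuse_forgery(key: bytes, nonce: bytes, a1: bytes, a2: bytes, target: bytes) -> bool:
    """The victim MACs a1 and a2 under one nonce; the attacker sees only the two
    (message, tag) pairs and forges a tag for `target`.  True if it verifies."""
    t1, t2 = gmac_tag(key, nonce, a1), gmac_tag(key, nonce, a2)
    H, mask = recover_from_nonce_reuse(a1, t1, a2, t2)
    return hmac.compare_digest(forge_tag(H, mask, target), gmac_tag(key, nonce, target))


if __name__ == "__main__":
    # Constructed inputs: a fresh key, one nonce used twice, two 16-byte messages.
    ok = nonce_reuse_forgery(secrets.token_bytes(16), secrets.token_bytes(12),
                             b"amount=100;to=42", b"amount=200;to=42",
                             b"amount=999999;to=666")
    print("forgery verifies:", ok)
```

Running the block MACs two messages under one (key, nonce) pair, recovers H and E_K(J0) from the two tags alone, and forges a valid tag for a third message of a different length. With a fresh nonce per message the mask differs between tags, the difference T1 xor T2 no longer isolates H, and there is nothing to divide.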