[lamps] draft-housley-lamps-cms-aes-mac-alg-00 Section 7

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Mon, 23 November 2020 17:36 UTC

From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Russ Housley <housley@vigilsec.com>
CC: LAMPS <spasm@ietf.org>, "hans.aschauer@siemens.com" <hans.aschauer@siemens.com>
Date: Mon, 23 Nov 2020 17:36:43 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/CzL8aVUjeJWOx6hlzEBa_FKFXoE>

Hi Russ

As in AES-GMAC the uniqueness of the nonce is crucial, I want to propose to add the following text in Section 7 right before the last paragraph.
"Implementations must generate nonce values which must be unique for a given message-authentication key. Repeating a nonce value only once allows an attacker to generate valid AES-GMAC authentication codes for arbitrary messages, which results in no security of the authentication code (see [GCM], Appendix A)."

Maybe it is also of value to add this in Section 5 of draft-housley-lamps-crmf-update-algs as well.

Hendrik


Hendrik Brockhaus
Siemens AG
T RDA CST SEA-DE
mailto:hendrik.brockhaus@siemens.com

www.siemens.com

Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Jim Hagemann Snabe; Managing Board: Joe Kaeser, Chairman, President and Chief Executive Officer; Roland Busch, Klaus Helmrich, Cedrik Neike, Matthias Rebellius, Ralf P. Thomas, Judith Wiese; Registered offices: Berlin and Munich, Germany; Commercial registries: Berlin-Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322
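
One way an implementation could meet the nonce-uniqueness requirement proposed in the message above, as an added example that is not part of the original e-mail or of the draft. It assumes a 12-byte nonce built from a 4-byte fixed field and a 64-bit invocation counter (the deterministic construction of NIST SP 800-38D); the class names and the `key_id` label are hypothetical.

```python
import threading

NONCE_LEN = 12            # assumed 96-bit nonce (not stated in the e-mail)
FIXED_LEN = 4             # assumed 32-bit field identifying the sender
COUNTER_MAX = 2**64 - 1   # 64-bit invocation field


class NonceExhausted(Exception):
    """The invocation counter is used up; the key must be replaced."""


class GmacNonceSource:
    """Issues nonces that never repeat for one message-authentication key."""

    def __init__(self, fixed_field: bytes, start: int = 0):
        if len(fixed_field) != FIXED_LEN:
            raise ValueError("fixed field must be 4 bytes")
        self._fixed = fixed_field
        self._next = start          # restore from durable storage after a restart
        self._lock = threading.Lock()

    def next_nonce(self) -> bytes:
        with self._lock:            # two threads must never get the same value
            if self._next > COUNTER_MAX:
                raise NonceExhausted("rekey before issuing more nonces")
            value = self._next
            self._next += 1
        return self._fixed + value.to_bytes(8, "big")

    def checkpoint(self) -> int:
        """Counter value to persist; resume from it, never from zero."""
        with self._lock:
            return self._next


class NonceReuseDetector:
    """Receiver-side check: reports a (key id, nonce) pair seen before."""

    def __init__(self):
        self._seen = {}             # key_id -> set of nonces already accepted

    def first_use(self, key_id: str, nonce: bytes) -> bool:
        if len(nonce) != NONCE_LEN:
            raise ValueError("expected a 12-byte nonce")
        seen = self._seen.setdefault(key_id, set())
        if nonce in seen:
            return False            # repeated nonce under the same key
        seen.add(nonce)
        return True
```

The counter returned by `checkpoint()` has to be written to durable storage before the corresponding nonces are used, otherwise a crash and restart can reissue them.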