Re: [Teep] Use of AES-CTR in TEEP?

Dave Thaler <dthaler@microsoft.com> Tue, 10 October 2023 17:41 UTC

To: "hannes.tschofenig@gmx.net" <hannes.tschofenig@gmx.net>, "teep@ietf.org" <teep@ietf.org>, "suit@ietf.org" <suit@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/YjAChxKNFn1nKou8TEmfoisaF6Y>

Hannes wrote, regarding draft-suit-mti:
> I would like to have a new profile added that defines
> suit-sha256-es256-ecdh-a128gcm for use with TEEP.
> This should be the default profile for use in TEEP.
> 
> This adds new requirements to constrained IoT devices. Constrained IoT
> devices should use one of the other 5 profiles already defined. 

Did I read that right, you want new requirements for _constrained_ devices?
Your last two sentences seem to contradict each other, so either there's a
typo or I'm not understanding.

Dave