Re: [TLS] Should CCM_8 CSs be Recommended?
Russ Housley <housley@vigilsec.com> Wed, 04 October 2017 13:56 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82903126B6E for <tls@ietfa.amsl.com>; Wed, 4 Oct 2017 06:56:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CunN6MMJOYbU for <tls@ietfa.amsl.com>; Wed, 4 Oct 2017 06:56:57 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C6111241F3 for <tls@ietf.org>; Wed, 4 Oct 2017 06:56:57 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 7F37A3005AD for <tls@ietf.org>; Wed, 4 Oct 2017 09:56:56 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 9C7zH-xG9o1P for <tls@ietf.org>; Wed, 4 Oct 2017 09:56:54 -0400 (EDT)
Received: from [10.5.245.234] (wsip-98-172-24-238.dc.dc.cox.net [98.172.24.238]) by mail.smeinc.net (Postfix) with ESMTPSA id A09B3300563; Wed, 4 Oct 2017 09:56:54 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Message-Id: <2926B125-E1C5-4784-9048-FDDE068AB892@vigilsec.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_BBE30700-ABAD-4D66-BCEF-39B0B5D15909"; protocol="application/pgp-signature"; micalg="pgp-sha1"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Wed, 04 Oct 2017 09:56:51 -0400
In-Reply-To: <64D6B075-F0E9-47BD-85CE-055E777F4931@gmail.com>
Cc: IETF TLS <tls@ietf.org>
To: Yoav Nir <ynir.ietf@gmail.com>
References: <CA26DC83-9524-4CDA-910A-7FDCBF73F849@sn3rd.com> <CABcZeBM=BnwGKydcWaaCTgqCvJA6Yc-ejz-q_BtsvCNO1JHWSg@mail.gmail.com> <AACDE608-F8EE-4C5C-82C2-03AAF1C32BDA@gmail.com> <A0249DE0-2F0C-44EE-B13A-A5AFEF26A82C@vigilsec.com> <64D6B075-F0E9-47BD-85CE-055E777F4931@gmail.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/-CU_9eauuBIQxGhUIZZT50Q6wYg>
Subject: Re: [TLS] Should CCM_8 CSs be Recommended?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Oct 2017 13:56:58 -0000
> On Oct 4, 2017, at 9:48 AM, Yoav Nir <ynir.ietf@gmail.com> wrote: > > >> On 4 Oct 2017, at 16:29, Russ Housley <housley@vigilsec.com <mailto:housley@vigilsec.com>> wrote: >> >> >>> On Oct 4, 2017, at 3:30 AM, Yoav Nir <ynir.ietf@gmail.com <mailto:ynir.ietf@gmail.com>> wrote: >>> >>> (IoT) - This requirement is for interoperability with IoT. Only >>> 128-bit keys are at the given level. >> If the IoT environment is willing to accept lower integrity protection in order to save a few bits on the wire/ether, I do not see why the specification also forces them from using a larger key size. > > Maybe to save a few cycles in addition to the few bits? They claimed that the one AEAD cipher they needed was AES_CCM_8 with a 128-bit key, because that was all that their hardware supports. > > What we are saying is that if you want your (in that case IPsec, but it’s no different for TLS) to work with IoT devices, you need that AEAD cipher. Right, but is there any reason to restrict CCM_8 to 128-bit keys in the IANA registry entry? I can't see one. Russ
- [TLS] Should CCM_8 CSs be Recommended? Sean Turner
- Re: [TLS] Should CCM_8 CSs be Recommended? Jim Schaad
- Re: [TLS] Should CCM_8 CSs be Recommended? Eric Rescorla
- Re: [TLS] Should CCM_8 CSs be Recommended? Yoav Nir
- Re: [TLS] Should CCM_8 CSs be Recommended? Salz, Rich
- Re: [TLS] Should CCM_8 CSs be Recommended? Russ Housley
- Re: [TLS] Should CCM_8 CSs be Recommended? Yoav Nir
- Re: [TLS] Should CCM_8 CSs be Recommended? Russ Housley
- Re: [TLS] Should CCM_8 CSs be Recommended? Don Sturek
- Re: [TLS] Should CCM_8 CSs be Recommended? Joseph Salowey
- Re: [TLS] Should CCM_8 CSs be Recommended? Andrei Popov
- Re: [TLS] Should CCM_8 CSs be Recommended? Salz, Rich
- Re: [TLS] Should CCM_8 CSs be Recommended? Sean Turner
- Re: [TLS] Should CCM_8 CSs be Recommended? Sean Turner
- Re: [TLS] Should CCM_8 CSs be Recommended? Robert Cragie
- Re: [TLS] Should CCM_8 CSs be Recommended? Sean Turner
- Re: [TLS] Should CCM_8 CSs be Recommended? Eric Rescorla
- Re: [TLS] Should CCM_8 CSs be Recommended? Hannes Tschofenig
- Re: [TLS] Should CCM_8 CSs be Recommended? Benjamin Kaduk