Re: [TLS] WG interest in draft-chudov-cryptopro-cptls-02.txt
"Gregory S. Chudov" <chudov@cryptopro.ru> Tue, 29 November 2005 17:50 UTC
From: "Gregory S. Chudov" <chudov@cryptopro.ru>
To: Dmitry Belyavsky <beldmit@cryptocom.ru>, tls@ietf.org
Subject: Re: [TLS] WG interest in draft-chudov-cryptopro-cptls-02.txt
Date: Tue, 29 Nov 2005 20:52:30 +0300
Greetings.

I agree that it could be useful to add a paragraph containing the reasoning for this. IMIT_GOST28147 is not an HMAC, it is basically a form of the GOST28147 cipher. To be robust to attacks based on timing and EMI analysis, one symmetric key should not be used for large quantities of plaintext, so the key meshing algorithm from draft-popov-cryptopro-cpalgs-04.txt is applied.

This "aberration" can be rephrased in the following way: MACed_data[seq_num] is MACed using the cipher state produced by processing the previous record.

Good luck!

----- Original Message -----
From: "Dmitry Belyavsky" <beldmit@cryptocom.ru>
To: "Russ Housley" <housley@vigilsec.com>
Cc: <tls@ietf.org>
Sent: Tuesday, November 29, 2005 5:40 PM
Subject: Re: [TLS] WG interest in draft-chudov-cryptopro-cptls-02.txt

> Greetings!
> ...
>
> What can you say about section 3.3 of draft-chudov-cryptopro-cptls-02.txt?
> It describes a non-reasoned aberration from RFC 2246:
>
> ====================
> For all four cipher suites, the use of MAC is slightly different
> from the one described in section 6.2.3.1 of [TLS]. In [TLS], MAC
> is calculated from the following data:
>
> MACed_data[seq_num] = seq_num +
>                       TLSCompressed.type +
>                       TLSCompressed.version +
>                       TLSCompressed.length +
>                       TLSCompressed.fragment;
>
> These cipher suites use the same input for the first record, but for each
> next record the input from all previous records is concatenated:
>
> MACed_data[0] + ... + MACed_data[n]
> ====================
>
> --
> SY, Dmitry Belyavsky (ICQ UIN 11116575)
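The chaining discussed above, as an added Python model that is not code from the draft or from either author: record n's tag is taken from the cipher state left behind by record n-1, which yields the same value as a one-shot MAC over MACed_data[0] + ... + MACed_data[n]. The block function is a toy keyed permutation standing in for GOST 28147-89 (assumption, not the real cipher), and the 4-byte truncation mirrors IMIT's 32-bit tag.

```python
BLOCK = 8                      # GOST 28147-89 works on 64-bit blocks
MASK64 = (1 << 64) - 1

def toy_block_fn(key: bytes, block: bytes) -> bytes:
    """Keyed 64-bit mixing permutation: a stand-in for the cipher, NOT GOST 28147-89."""
    x = int.from_bytes(block, "big")
    for i in range(8):                       # 256-bit key consumed as 8 x 32-bit words
        k = int.from_bytes(key[4 * i:4 * i + 4], "big")
        x = (x + k) & MASK64
        x = ((x << 13) | (x >> 51)) & MASK64
        x ^= x >> 7
    return x.to_bytes(8, "big")

def maced_data(seq_num: int, ctype: int, version: tuple, fragment: bytes) -> bytes:
    """RFC 2246 section 6.2.3.1 MAC input: seq_num + type + version + length + fragment."""
    return (seq_num.to_bytes(8, "big") + bytes([ctype, *version])
            + len(fragment).to_bytes(2, "big") + fragment)

def cbc_mac(key: bytes, data: bytes, state: bytes = bytes(BLOCK)) -> bytes:
    """CBC-MAC-style pass over data starting from `state`; a trailing partial block is zero-padded."""
    for i in range(0, len(data), BLOCK):
        blk = data[i:i + BLOCK].ljust(BLOCK, b"\x00")
        state = toy_block_fn(key, bytes(a ^ b for a, b in zip(state, blk)))
    return state

class ChainedMac:
    """Carries the cipher state across records, so record n is MACed over
    MACed_data[0] + ... + MACed_data[n] without re-reading earlier records."""
    def __init__(self, key: bytes):
        self.key, self.state, self.tail = key, bytes(BLOCK), b""

    def mac_record(self, data: bytes) -> bytes:
        buf = self.tail + data
        full = len(buf) - len(buf) % BLOCK
        self.state = cbc_mac(self.key, buf[:full], self.state)  # absorb whole blocks
        self.tail = buf[full:]                                  # keep the partial block
        return cbc_mac(self.key, self.tail, self.state)[:4]     # 32-bit tag, as IMIT produces

def tags_for(key: bytes, fragments: list) -> list:
    """Return (chained_tag, one_shot_tag) per record; the two must agree for every record."""
    chained, everything, out = ChainedMac(key), b"", []
    for seq, frag in enumerate(fragments):
        rec = maced_data(seq, 23, (3, 1), frag)   # type 23 = application_data, TLS 1.0
        everything += rec
        out.append((chained.mac_record(rec), cbc_mac(key, everything)[:4]))
    return out
```

Because each tag covers every earlier record, a receiver detects a modified or dropped earlier record on the very next record even if that record's own fragment is untouched.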