Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-00.txt

John Mattsson <john.mattsson@ericsson.com> Sun, 09 October 2016 07:04 UTC

Return-Path: <john.mattsson@ericsson.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CCAD1294AD for <tls@ietfa.amsl.com>; Sun, 9 Oct 2016 00:04:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id odaszYH29Wsd for <tls@ietfa.amsl.com>; Sun, 9 Oct 2016 00:04:17 -0700 (PDT)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68B4612948C for <tls@ietf.org>; Sun, 9 Oct 2016 00:04:17 -0700 (PDT)
X-AuditID: c1b4fb2d-1c7ff700000009f7-f4-57f9ebefa696
Received: from ESESSHC010.ericsson.se (Unknown_Domain [153.88.183.48]) by (Symantec Mail Security) with SMTP id AA.9E.02551.FEBE9F75; Sun, 9 Oct 2016 09:04:15 +0200 (CEST)
Received: from ESESSMB307.ericsson.se ([169.254.7.51]) by ESESSHC010.ericsson.se ([153.88.183.48]) with mapi id 14.03.0319.002; Sun, 9 Oct 2016 09:04:15 +0200
From: John Mattsson <john.mattsson@ericsson.com>
To: Peter Dettman <peter.dettman@bouncycastle.org>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-00.txt
Thread-Index: AQHR2pj1k3z3BfHf+k6el32lv2/tSKCgQdoA
Date: Sun, 9 Oct 2016 07:04:14 +0000
Message-ID: <D41FB7E3.52F68%john.mattsson@ericsson.com>
References: <20160527171935.11166.82258.idtracker@ietfa.amsl.com> <7a3597ae-92b8-23c8-b2c3-357f6fdb6792@bouncycastle.org>
In-Reply-To: <7a3597ae-92b8-23c8-b2c3-357f6fdb6792@bouncycastle.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.7.160722
x-originating-ip: [153.88.183.149]
Content-Type: text/plain; charset="utf-8"
Content-ID: <CCB5AF67E567CD47962329BD30B48A7D@ericsson.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupnkeLIzCtJLcpLzFFi42KZGbHdQPf965/hBpdPaVg0fVnEZPHpfBej A5PHw1kaHkuW/GQKYIrisklJzcksSy3St0vgynh4bCJLwS/5incrFrA0ME6Q72Lk5JAQMJF4 OO8dSxcjF4eQwHpGiUWPtkM5ixglzi3/zgJSxSZgIDF3TwMbiC0iECxxp+kgmC0s4Cwx49Rt 9i5GdqC4i8RdYYgKI4nGA8fBKlgEVCR+/V7L1MXIwcErYC4xeV4oSFhIoFqi9fJ/ZhCbE6hx 4Ycv7CA2o4CYxPdTa5hAbGYBcYlbT+YzQZwpILFkz3lmCFtU4uXjf6wgtqiAnsSzz8/ZIeJK EmsPg1zPAdSrKbF+lz7EGGuJic3zWCFsRYkp3Q/BynkFBCVOznzCMoFRbBaSbbMQumch6Z6F pHsWku4FjKyrGEWLU4uLc9ONjPVSizKTi4vz8/TyUks2MQKj6eCW37o7GFe/djzEKMDBqMTD m5DzM1yINbGsuDL3EKMEB7OSCO/EZ0Ah3pTEyqrUovz4otKc1OJDjNIcLErivGYr74cLCaQn lqRmp6YWpBbBZJk4OKUaGOOUkgSFPyoudOdeEqezU9qifL2eCe/O4IkNE939k7d3/r1e/D5Y +s2DZWIf/N3MvjLE33l0T/Wc53bLWenc08oSD1j42K2Mq9zguvZb7FKjCzekuk9un/o97VHB jIj2gLUTohz8UqI8GfP9gtN93qvdZtyVIprmdkZZ32Erw6zD3dd4r7raK7EUZyQaajEXFScC AMhVDESiAgAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/OxnjkiPiPEjXcQShDQxqscFV7Hg>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Oct 2016 07:04:19 -0000

Hi Peter,

Yes, it should end with ...SHA384. We will fix this in the next update.
(Related question from Martin Thompson can be found in [0])

Cheers,
John

[0] https://www.ietf.org/mail-archive/web/tls/current/msg21517.html



On 10/07/16 12:51, "TLS on behalf of Peter Dettman" <tls-bounces@ietf.org
on behalf of peter.dettman@bouncycastle.org>; wrote:

>Hi,
>I've just implemented these ciphersuites in BouncyCastle TLS, and have a
>couple of questions:
>
>In Section 3., should
>
>   TLS_ECDHE_PSK_WITH_AES_256_CCM_8_SHA256 = {0xTBD,0xTBD};
>
>end with ...SHA384 instead?
>
>   For the AES-256 cipher suites, the TLS PRF with SHA-384 as the hash
>   function SHALL be used and Clients and Servers MUST NOT negotiate
>   curves of less than 384 bits.
>
>requires SHA384 as the PRF, and I don't know what else SHA256 could
>refer to for an AEAD ciphersuite.
>
>I'm also curious whether there is a precedent in other RFCs for an
>explicit minimum curve bits, or perhaps a de facto implementer's rule?
>
>Regards,
>Pete Dettman
>
>On 28/05/2016 12:19 AM, internet-drafts@ietf.org wrote:
>> 
>> A New Internet-Draft is available from the on-line Internet-Drafts
>>directories.
>> This draft is a work item of the Transport Layer Security of the IETF.
>> 
>>         Title           : ECDHE_PSK with AES-GCM and AES-CCM Cipher
>>Suites for Transport Layer Security (TLS)
>>         Authors         : John Mattsson
>>                           Daniel Migault
>> 	Filename        : draft-ietf-tls-ecdhe-psk-aead-00.txt
>> 	Pages           : 7
>> 	Date            : 2016-05-27
>> 
>> Abstract:
>>    This document defines several new cipher suites for the Transport
>>    Layer Security (TLS) protocol.  The cipher suites are all based on
>>    the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key
>>    (ECDHE_PSK) key exchange together with the Authenticated Encryption
>>    with Associated Data (AEAD) algorithms AES-GCM and AES-CCM.  PSK
>>    provides light and efficient authentication, ECDHE provides perfect
>>    forward secrecy, and AES-GCM and AES-CCM provides encryption and
>>    integrity protection.
>> 
>> 
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/
>> 
>> There's also a htmlized version available at:
>> https://tools.ietf.org/html/draft-ietf-tls-ecdhe-psk-aead-00
>> 
>> 
>> Please note that it may take a couple of minutes from the time of
>>submission
>> until the htmlized version and diff are available at tools.ietf.org.
>> 
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>> 
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>> 
>
>_______________________________________________
>TLS mailing list
>TLS@ietf.org
>https://www.ietf.org/mailman/listinfo/tls