Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-00.txt
John Mattsson <john.mattsson@ericsson.com> Sun, 09 October 2016 07:04 UTC
Return-Path: <john.mattsson@ericsson.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CCAD1294AD for <tls@ietfa.amsl.com>; Sun, 9 Oct 2016 00:04:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id odaszYH29Wsd for <tls@ietfa.amsl.com>; Sun, 9 Oct 2016 00:04:17 -0700 (PDT)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68B4612948C for <tls@ietf.org>; Sun, 9 Oct 2016 00:04:17 -0700 (PDT)
X-AuditID: c1b4fb2d-1c7ff700000009f7-f4-57f9ebefa696
Received: from ESESSHC010.ericsson.se (Unknown_Domain [153.88.183.48]) by (Symantec Mail Security) with SMTP id AA.9E.02551.FEBE9F75; Sun, 9 Oct 2016 09:04:15 +0200 (CEST)
Received: from ESESSMB307.ericsson.se ([169.254.7.51]) by ESESSHC010.ericsson.se ([153.88.183.48]) with mapi id 14.03.0319.002; Sun, 9 Oct 2016 09:04:15 +0200
From: John Mattsson <john.mattsson@ericsson.com>
To: Peter Dettman <peter.dettman@bouncycastle.org>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-00.txt
Thread-Index: AQHR2pj1k3z3BfHf+k6el32lv2/tSKCgQdoA
Date: Sun, 09 Oct 2016 07:04:14 +0000
Message-ID: <D41FB7E3.52F68%john.mattsson@ericsson.com>
References: <20160527171935.11166.82258.idtracker@ietfa.amsl.com> <7a3597ae-92b8-23c8-b2c3-357f6fdb6792@bouncycastle.org>
In-Reply-To: <7a3597ae-92b8-23c8-b2c3-357f6fdb6792@bouncycastle.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.7.160722
x-originating-ip: [153.88.183.149]
Content-Type: text/plain; charset="utf-8"
Content-ID: <CCB5AF67E567CD47962329BD30B48A7D@ericsson.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupnkeLIzCtJLcpLzFFi42KZGbHdQPf965/hBpdPaVg0fVnEZPHpfBej A5PHw1kaHkuW/GQKYIrisklJzcksSy3St0vgynh4bCJLwS/5incrFrA0ME6Q72Lk5JAQMJF4 OO8dSxcjF4eQwHpGiUWPtkM5ixglzi3/zgJSxSZgIDF3TwMbiC0iECxxp+kgmC0s4Cwx49Rt 9i5GdqC4i8RdYYgKI4nGA8fBKlgEVCR+/V7L1MXIwcErYC4xeV4oSFhIoFqi9fJ/ZhCbE6hx 4Ycv7CA2o4CYxPdTa5hAbGYBcYlbT+YzQZwpILFkz3lmCFtU4uXjf6wgtqiAnsSzz8/ZIeJK EmsPg1zPAdSrKbF+lz7EGGuJic3zWCFsRYkp3Q/BynkFBCVOznzCMoFRbBaSbbMQumch6Z6F pHsWku4FjKyrGEWLU4uLc9ONjPVSizKTi4vz8/TyUks2MQKj6eCW37o7GFe/djzEKMDBqMTD m5DzM1yINbGsuDL3EKMEB7OSCO/EZ0Ah3pTEyqrUovz4otKc1OJDjNIcLErivGYr74cLCaQn lqRmp6YWpBbBZJk4OKUaGOOUkgSFPyoudOdeEqezU9qifL2eCe/O4IkNE939k7d3/r1e/D5Y +s2DZWIf/N3MvjLE33l0T/Wc53bLWenc08oSD1j42K2Mq9zguvZb7FKjCzekuk9un/o97VHB jIj2gLUTohz8UqI8GfP9gtN93qvdZtyVIprmdkZZ32Erw6zD3dd4r7raK7EUZyQaajEXFScC AMhVDESiAgAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/OxnjkiPiPEjXcQShDQxqscFV7Hg>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Oct 2016 07:04:19 -0000
Hi Peter, Yes, it should end with ...SHA384. We will fix this in the next update. (Related question from Martin Thompson can be found in [0]) Cheers, John [0] https://www.ietf.org/mail-archive/web/tls/current/msg21517.html On 10/07/16 12:51, "TLS on behalf of Peter Dettman" <tls-bounces@ietf.org on behalf of peter.dettman@bouncycastle.org> wrote: >Hi, >I've just implemented these ciphersuites in BouncyCastle TLS, and have a >couple of questions: > >In Section 3., should > > TLS_ECDHE_PSK_WITH_AES_256_CCM_8_SHA256 = {0xTBD,0xTBD}; > >end with ...SHA384 instead? > > For the AES-256 cipher suites, the TLS PRF with SHA-384 as the hash > function SHALL be used and Clients and Servers MUST NOT negotiate > curves of less than 384 bits. > >requires SHA384 as the PRF, and I don't know what else SHA256 could >refer to for an AEAD ciphersuite. > >I'm also curious whether there is a precedent in other RFCs for an >explicit minimum curve bits, or perhaps a de facto implementer's rule? > >Regards, >Pete Dettman > >On 28/05/2016 12:19 AM, internet-drafts@ietf.org wrote: >> >> A New Internet-Draft is available from the on-line Internet-Drafts >>directories. >> This draft is a work item of the Transport Layer Security of the IETF. >> >> Title : ECDHE_PSK with AES-GCM and AES-CCM Cipher >>Suites for Transport Layer Security (TLS) >> Authors : John Mattsson >> Daniel Migault >> Filename : draft-ietf-tls-ecdhe-psk-aead-00.txt >> Pages : 7 >> Date : 2016-05-27 >> >> Abstract: >> This document defines several new cipher suites for the Transport >> Layer Security (TLS) protocol. The cipher suites are all based on >> the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key >> (ECDHE_PSK) key exchange together with the Authenticated Encryption >> with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK >> provides light and efficient authentication, ECDHE provides perfect >> forward secrecy, and AES-GCM and AES-CCM provides encryption and >> integrity protection. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/ >> >> There's also a htmlized version available at: >> https://tools.ietf.org/html/draft-ietf-tls-ecdhe-psk-aead-00 >> >> >> Please note that it may take a couple of minutes from the time of >>submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls >> > >_______________________________________________ >TLS mailing list >TLS@ietf.org >https://www.ietf.org/mailman/listinfo/tls
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Sean Turner
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Sean Turner
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… g_e_montenegro
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… g_e_montenegro
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Dan Harkins
- [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-0… internet-drafts
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Peter Dettman
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… John Mattsson
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… John Mattsson
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Nikos Mavrogiannopoulos
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Nikos Mavrogiannopoulos
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault