Re: [TLS] draft-sheffer-tls-bcp: DH recommendations

james hughes <hughejp@mac.com> Thu, 19 September 2013 06:10 UTC

References: <20130919024703.3222C1A983@ld9781.wdf.sap.corp>
In-reply-to: <20130919024703.3222C1A983@ld9781.wdf.sap.corp>
Message-id: <2AC3F10D-21A9-400E-9A5C-7281F1FB9537@mac.com>
From: james hughes <hughejp@mac.com>
Date: Wed, 18 Sep 2013 22:54:26 -0700
To: "mrex@sap.com" <mrex@sap.com>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] draft-sheffer-tls-bcp: DH recommendations

> On Sep 18, 2013, at 7:47 PM, mrex@sap.com (Martin Rex) wrote:
>> 
>> I'm not a cryptographer, but I'm actually not convinced that
>> counter modes of AES are a road I want to travel.  (I'm wondering:
>> do we actually know the length of the cycles of AES in counter mode?

Hmmm, I am, and, yes, we do. It is a well-known, proven fact that a properly chosen IV with a symmetric block cipher is full length, in that it is 2^128 blocks (for 128-bit AES) before recycling. I have a question for you... Do you have the patience to understand what "properly chosen" really means?

This is a serious question.

I realize that there are a lot of politics within the TLS community that "real" cryptographers are not willing to play, and I may well be one of those whom you will wash away... 

Do you really want to hear, or are your own sound bites enough?
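
Added example, not part of the original message: the cycle-length statement above, checked exhaustively on a toy 16-bit Feistel permutation standing in for AES (whose 2^128 block space cannot be enumerated). It shows the counter-mode keystream first repeating only when the counter block repeats: after 2^16 blocks when the whole block is the counter, and after 2^8 blocks when only 8 bits are. The names `toy_encrypt`, `counter_block`, `first_repeat` and `KEY`, and the nonce/counter split, are assumptions made for illustration.

```python
import hashlib

KEY = b"constructed-demo-key"   # constructed sample key
BLOCK_BITS = 16                 # toy block size; AES uses 128

def toy_encrypt(key: bytes, block: int) -> int:
    """4-round Feistel network on a 16-bit block: a permutation for any key."""
    left, right = block >> 8, block & 0xFF
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd, right])).digest()[0]
        left, right = right, left ^ f
    return (left << 8) | right

def is_permutation(key: bytes) -> bool:
    """Exhaustively confirm that no two inputs share an output."""
    return len({toy_encrypt(key, b) for b in range(2 ** BLOCK_BITS)}) == 2 ** BLOCK_BITS

def counter_block(nonce: int, i: int, ctr_bits: int) -> int:
    """Counter block = nonce || counter, with the counter wrapping at ctr_bits."""
    return ((nonce << ctr_bits) | (i % 2 ** ctr_bits)) & (2 ** BLOCK_BITS - 1)

def first_repeat(key: bytes, nonce: int, ctr_bits: int):
    """Index of the first keystream block equal to an earlier one, or None."""
    seen = set()
    for i in range(2 ** BLOCK_BITS + 1):
        ks = toy_encrypt(key, counter_block(nonce, i, ctr_bits))
        if ks in seen:
            return i
        seen.add(ks)
    return None

if __name__ == "__main__":
    print("permutation:", is_permutation(KEY))
    print("whole block as counter:", first_repeat(KEY, 0, 16))
    print("8-bit nonce + 8-bit counter:", first_repeat(KEY, 0xA5, 8))
```

Because the cipher is a permutation, distinct counter blocks always give distinct keystream blocks, so the width of the counter field alone sets the point at which the keystream starts to repeat under one key and nonce.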