Re: [TLS] draft-sheffer-tls-bcp: DH recommendations

james hughes <> Thu, 19 September 2013 06:10 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0B4DF21F9BA4 for <>; Wed, 18 Sep 2013 23:10:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.927
X-Spam-Status: No, score=-2.927 tagged_above=-999 required=5 tests=[AWL=2.276, BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id vKD14QMwUa5g for <>; Wed, 18 Sep 2013 23:10:45 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 4793921F9B91 for <>; Wed, 18 Sep 2013 23:10:45 -0700 (PDT)
Received: from [] (unknown []) by (Oracle Communications Messaging Server 7u4-27.08( 64bit (built Aug 22 2013)) with ESMTPSA id <> for; Thu, 19 Sep 2013 06:10:41 +0000 (GMT)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-09-19_02:2013-09-18, 2013-09-19, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1308280000 definitions=main-1309180209
References: <>
In-reply-to: <>
MIME-version: 1.0 (1.0)
Content-transfer-encoding: quoted-printable
Content-type: text/plain; charset=us-ascii
Message-id: <>
X-Mailer: iPad Mail (11A465)
From: james hughes <>
Date: Wed, 18 Sep 2013 22:54:26 -0700
To: "" <>
Cc: "" <>
Subject: Re: [TLS] draft-sheffer-tls-bcp: DH recommendations
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 19 Sep 2013 06:10:51 -0000

> On Sep 18, 2013, at 7:47 PM, (Martin Rex) wrote:
>> I'm not a cryptographer, but I'm actually not convinced that
>> counter modes of AES are a road I want to travel.  (I'm wondering:
>> do we actually know the length of the cycles of AES in counter mode?

Hmmm, I am, and, yes, we do. It is a well known proven fact that a properly chosen IV with a symmetric block cipher is full length, in that it is 2^128 blocks (for 128 bit AES) before recycling. I have a question for you... Do you have the patience to understand what "properly chosen" really means? 

This is a serious question.

I realize that there are a lot of politics within the TLS community that "real" cryptographers are not willing to play, and I may well be one of those whom you will wash away... 

Do you really want to hear, or are your own sound bites enough?