Re: [TLS] Consensus for AEAD IV

Michael StJohns <> Sun, 26 April 2015 18:00 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 6FEDB1ACAD4 for <>; Sun, 26 Apr 2015 11:00:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.101
X-Spam-Status: No, score=0.101 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id uAQ_i3fs0dtM for <>; Sun, 26 Apr 2015 11:00:51 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 739C61AC443 for <>; Sun, 26 Apr 2015 11:00:51 -0700 (PDT)
Received: by vnbg190 with SMTP id g190so9340866vnb.12 for <>; Sun, 26 Apr 2015 11:00:50 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type; bh=hObKgwCiJRftNyiwatwdO7v81JhqIq8tfha9KFCBFQw=; b=JEVA04NM3EcnxKzP88PhRUkLgqutqAoJ25yXx65dpnSFtTSEsNrsVEIF05SaHTV9S5 Lheg8NHfnQ8YJlzUdhP1GjSfNxM8cZzDjxgwxKy0iDf8c8wk1g4+6WuX5KJsbkNgDGNr z9yBWvXcYnsrQckbx0onRVV8Ldv0ta4XqW2BZ9tyoHczq+CdGgyD2Z7MYEffqCyc/6O7 Vc52NXQlvjci2zOe/pzebYsmLdrxh40w1W7AfSmOS712IQZIVGbR9mM13V12xoNgEEDD f4l2B6F9wKL8IBgJoKNjfLAkEYP2akmYDssnrSV+QJcd9/xcgcmxUDQdd0L5Y7JwNfgn g7UA==
X-Gm-Message-State: ALoCoQlhL9B4qlgIl8VqJ0vB2ucYICThWSU2YhvbrwqxGStFNW2alj+jXHIpK6/owir7kWZBWyvK
X-Received: by with SMTP id yk10mr18920129vdb.76.1430071250507; Sun, 26 Apr 2015 11:00:50 -0700 (PDT)
Received: from ?IPv6:2601:a:2a00:84:cae:d6cf:19b5:13bc? ([2601:a:2a00:84:cae:d6cf:19b5:13bc]) by with ESMTPSA id ug16sm19416111vdb.14.2015. (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 26 Apr 2015 11:00:49 -0700 (PDT)
Message-ID: <>
Date: Sun, 26 Apr 2015 14:00:48 -0400
From: Michael StJohns <>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Yoav Nir <>
References: <> <> <> <> <>
In-Reply-To: <>
Content-Type: multipart/alternative; boundary="------------030207000909070506070906"
Archived-At: <>
Subject: Re: [TLS] Consensus for AEAD IV
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 26 Apr 2015 18:00:53 -0000

On 4/25/2015 11:47 PM, Yoav Nir wrote:
>> On Apr 26, 2015, at 6:21 AM, Michael StJohns < 
>> <>> wrote:
>> On 4/24/2015 4:44 PM, Joseph Salowey wrote:
>>> On Fri, Apr 24, 2015 at 1:00 PM, Martin Thomson 
>>> < <>> wrote:
>>>     On 24 April 2015 at 10:10, Joseph Salowey <
>>>     <>> wrote:
>>>     > The general consensus on the list seems to prefer to derive
>>>     "IV" and use it
>>>     > to make the AEAD nonce less predictable. Most folks seemed to
>>>     be OK with
>>>     > this approach.    In Dallas, there was significant support for
>>>     using the
>>>     > derived "IV" as a per session XOR mask for the counter.  If
>>>     you have
>>>     > objections to this approach please respond on the list by May
>>>     1, 2015 .
>>>     You aren't being particularly precise about the process here.
>>>     I believe that these were the two options that were most debated:
>>>     a)  nonce = zeroes(N_MIN) XOR counter
>>>     b)  nonce = HKDF(...., N_MIN) XOR counter
>>>     Did you mean the latter option?
>>> [Joe] Yes, the later where the quantity XORed with the counter is 
>>> derived during the handshake.
>> In general, APIs for hardware (and software) encryption are set up as 
>> init, multiple updates and finalize.  The arguments to init are 
>> generally a handle pointing to the key, a selection of the encryption 
>> mode and the initialization parameters specific to that mode.  The 
>> initialization parameters generally include material for the IV 
>> (obviously not used in ECB), and other mode specific items.  For CCM, 
>> most implementations use the block formatting function described in 
>> appendix A of the NIST spec and that function uses as input to the 
>> initialization a "nonce" as well as information about the length of 
>> the AAD.
>> All of the Init data is non-secret information (note that I said 
>> handle to key, and not key above - the handle is non-secret, the key 
>> material is secret) and must be shared implicitly or explicitly 
>> between sender and receiver.
>> All of that is a long way of saying that making the nonce be some 
>> sort of output of the HKDF is probably a bad idea as the general use 
>> for a KDF is to produce secret key material.
>> A zero session nonce combined with the message sequence number to 
>> form unique per-key value is acceptable cryptographically - at least 
>> for GCM and CCM.    (and that's really the same thing as 0 XOR 
>> counter as far as I can tell).
>> A randomly generated session nonce concatenated with the message 
>> sequence number to produce a message nonce is acceptable 
>> cryptographically and provides no less protection than generating a 
>> long session nonce and xor'ing the sequence number in to produce the 
>> message nonce.
>> AFAICT b) provides no additional security over a).   The security of 
>> CCM and GCM is NOT dependent on the secrecy of the IV/Nonce/sequence 
>> number, only in its uniqueness for a given key, and (b) appears to be 
>> trying to make the IV secret.
>> Doing (b) will make it difficult to implement TLS using generic HSM 
>> functions as there will probably need to be some way of piping the 
>> secret output of HKDF to be the per message IV.
> I don’t see why. Make the 128- or 256-bit key one part of the keying 
> material, and the 96-bit quantity another part of the keying material. 
> A single handle references a structure containing both.

So what you're suggesting is requiring each cipher mode that uses TLS 
have both the generic - pass in the IV etc - and the TLS specific - pass 
in a handle to material that has to be retained within the HSM and 
managed in some way to make sure that you delete when your done?

Seriously - no.

You're actually going to make it impossible to use TLS1.3 with generic 
hardware modules.

> Now you pass the encryption function the handle, the data to be 
> encrypted (and protected) and a message counter. The function 
> (hardware or software) converts the counter into a nonce by XOR-ing 
> with the quantity, and proceeds from there. There is no reason not to 
> treat the 96-bit quantity as anything but secret.

There is no reason to treat the 96 bit quantity as secret and no one 
else does.

TLS should use generic interfaces rather than inventing stuff that can't.

> Doesn’t this solve you API issue?


> Yoav