Re: [TLS] Inclusion of OCB mode in TLS 1.3

Aaron Zauner <azet@azet.org> Sat, 17 January 2015 15:11 UTC

Date: Sat, 17 Jan 2015 16:11:07 +0100
From: Aaron Zauner <azet@azet.org>
To: Manuel Pégourié-Gonnard <mpg@polarssl.org>
Message-ID: <20150117151105.GA5549@typhoon.azet.org>
References: <54B5501A.4070402@azet.org> <D0DA96DB.58455%paul@marvell.com> <54B58F5B.2010704@cs.tcd.ie> <54B6815A.7060102@azet.org> <CABcZeBOkabo85Hv73MM1koeGnVYDJtPHc6uwk5b1BkPDRu=RGg@mail.gmail.com> <54B9352C.70203@azet.org> <54BA315A.7020804@polarssl.org>
In-Reply-To: <54BA315A.7020804@polarssl.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/cwNb3veYHa0VZ7IxHZWTGl-pDGw>
Cc: TLS Mailing List <tls@ietf.org>
Subject: Re: [TLS] Inclusion of OCB mode in TLS 1.3

* Manuel Pégourié-Gonnard <mpg@polarssl.org> [17/01/2015 10:54:36] wrote:
> On 16/01/2015 16:58, Aaron Zauner wrote:
> > I came up with the following list of cipher-suites applicable to >= TLS 1.2:
> > 
> > (EC)DHE:
> > TLS_DHE_RSA_WITH_AES_128_OCB	
> > TLS_DHE_RSA_WITH_AES_256_OCB
> > TLS_ECDHE_RSA_WITH_AES_128_OCB
> > TLS_ECDHE_RSA_WITH_AES_256_OCB
> > TLS_ECDHE_ECDSA_WITH_AES_128_OCB
> > TLS_ECDHE_ECDSA_WITH_AES_256_OCB
> > 
> > PSK:
> > TLS_DHE_PSK_WITH_AES_128_OCB
> > TLS_DHE_PSK_WITH_AES_256_OCB	
> > TLS_ECDHE_PSK_WITH_AES_128_OCB
> > TLS_ECDHE_PSK_WITH_AES_256_OCB
> > 
> I think it would make sense to also include pure PSK (no DH) suites for very
> constrained devices that can't afford the asymmetric crypto.

Makes sense. So your suggestion is to swap or add these
ciphersuites? I have no real-world data on the usage of TLS with
pre-shared keys, nor its deployment. I can only guess; it would be
interesting to hear the opinion of embedded development people on
that subject.

Aaron