Re: [TLS] Inclusion of OCB mode in TLS 1.3

Nikos Mavrogiannopoulos <nmav@redhat.com> Mon, 19 January 2015 08:11 UTC

Message-ID: <1421655057.2854.5.camel@redhat.com>
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
To: Manuel Pégourié-Gonnard <mpg@polarssl.org>
Date: Mon, 19 Jan 2015 09:10:57 +0100
In-Reply-To: <54BA315A.7020804@polarssl.org>
References: <54B5501A.4070402@azet.org> <D0DA96DB.58455%paul@marvell.com> <54B58F5B.2010704@cs.tcd.ie> <54B6815A.7060102@azet.org> <CABcZeBOkabo85Hv73MM1koeGnVYDJtPHc6uwk5b1BkPDRu=RGg@mail.gmail.com> <54B9352C.70203@azet.org> <54BA315A.7020804@polarssl.org>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/gE792Y5a3IB9Dz3VqXSFFvoj7VE>
Cc: TLS Mailing List <tls@ietf.org>
Subject: Re: [TLS] Inclusion of OCB mode in TLS 1.3
Precedence: list

On Sat, 2015-01-17 at 10:54 +0100, Manuel Pégourié-Gonnard wrote:
> On 16/01/2015 16:58, Aaron Zauner wrote:
> > I came up with the following list of cipher-suites applicable to >= TLS 1.2:
> > 
> > (EC)DHE:
> > TLS_DHE_RSA_WITH_AES_128_OCB	
> > TLS_DHE_RSA_WITH_AES_256_OCB
> > TLS_ECDHE_RSA_WITH_AES_128_OCB
> > TLS_ECDHE_RSA_WITH_AES_256_OCB
> > TLS_ECDHE_ECDSA_WITH_AES_128_OCB
> > TLS_ECDHE_ECDSA_WITH_AES_256_OCB
> > 
> > PSK:
> > TLS_DHE_PSK_WITH_AES_128_OCB
> > TLS_DHE_PSK_WITH_AES_256_OCB	
> > TLS_ECDHE_PSK_WITH_AES_128_OCB
> > TLS_ECDHE_PSK_WITH_AES_256_OCB
> > 
> I think it would make sense to also include pure PSK (no DH) suite for very
> constrained devices that can't afford the asymetric crypto.

Plain PSK can also be used to establish an additional channel in an
existing TLS connection (which may already already be under PFS).

regards,
Nikos

[TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Martin Thomson
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Russ Housley
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Watson Ladd
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Matt Caswell
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Matt Caswell
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Matt Caswell
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Paul Lambert
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Stephen Farrell
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Viktor Dukhovni
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Blumenthal, Uri - 0558 - MITLL
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Brian Smith
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jacob Appelbaum
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Joachim Strömbergson
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Eric Rescorla
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
[TLS] Inclusion of OCB mode in TLS 1.3 Phillip Rogaway
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Manuel Pégourié-Gonnard
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Peter Gutmann
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Blumenthal, Uri - 0558 - MITLL
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Alex Elsayed
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jack Lloyd
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Martin Thomson
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Martin Thomson
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Eric Rescorla
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Watson Ladd
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nico Williams
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Henrik Grubbström
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nico Williams
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nico Williams
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Salz, Rich
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nico Williams
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Dmitry Belyavsky
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jack Lloyd
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
[TLS] GOST in TLS (Re: Inclusion of OCB mode in T… Martin Rex
Re: [TLS] GOST in TLS (Re: Inclusion of OCB mode … Dmitry Belyavsky
Re: [TLS] GOST in TLS (Re: Inclusion of OCB mode … Martin Rex
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Peter Gutmann
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Nikos Mavrogiannopoulos
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
[TLS] PSK [was: Re: Inclusion of OCB mode in TLS … Daniel Kahn Gillmor
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Peter Gutmann
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jack Lloyd
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Peter Gutmann
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Jack Lloyd
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Roland Zink
Re: [TLS] Inclusion of OCB mode in TLS 1.3 Aaron Zauner