Re: [TLS] Should CCM_8 CSs be Recommended?

Yoav Nir <ynir.ietf@gmail.com> Wed, 04 October 2017 13:49 UTC

From: Yoav Nir <ynir.ietf@gmail.com>
Message-Id: <64D6B075-F0E9-47BD-85CE-055E777F4931@gmail.com>
Date: Wed, 04 Oct 2017 16:48:59 +0300
In-Reply-To: <A0249DE0-2F0C-44EE-B13A-A5AFEF26A82C@vigilsec.com>
Cc: IETF TLS <tls@ietf.org>
To: Russ Housley <housley@vigilsec.com>
References: <CA26DC83-9524-4CDA-910A-7FDCBF73F849@sn3rd.com> <CABcZeBM=BnwGKydcWaaCTgqCvJA6Yc-ejz-q_BtsvCNO1JHWSg@mail.gmail.com> <AACDE608-F8EE-4C5C-82C2-03AAF1C32BDA@gmail.com> <A0249DE0-2F0C-44EE-B13A-A5AFEF26A82C@vigilsec.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/kqFaRVpfl47_PRIiHCILEVrl440>
Subject: Re: [TLS] Should CCM_8 CSs be Recommended?

> On 4 Oct 2017, at 16:29, Russ Housley <housley@vigilsec.com> wrote:
> 
> 
>> On Oct 4, 2017, at 3:30 AM, Yoav Nir <ynir.ietf@gmail.com> wrote:
>> 
>>    (IoT) - This requirement is for interoperability with IoT.  Only
>>    128-bit keys are at the given level.
> If the IoT environment is willing to accept lower integrity protection in order to save a few bits on the wire/ether, I do not see why the specification also forces them from using a larger key size.
> 
> Russ
> 

Maybe to save a few cycles in addition to the few bits?  They claimed that the one AEAD cipher they needed was AES_CCM_8 with a 128-bit key, because that was all that their hardware supports.

What we are saying is that if you want your (in that case IPsec, but it’s no different for TLS) to work with IoT devices, you need that AEAD cipher.

Yoav