Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-00.txt
Peter Dettman <peter.dettman@bouncycastle.org> Sun, 10 July 2016 10:51 UTC
Return-Path: <peter.dettman@bouncycastle.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8ECD512D0FB for <tls@ietfa.amsl.com>; Sun, 10 Jul 2016 03:51:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lo_i6SvKEAmO for <tls@ietfa.amsl.com>; Sun, 10 Jul 2016 03:51:22 -0700 (PDT)
Received: from tauceti.org.au (mail.tauceti.org.au [203.32.61.25]) by ietfa.amsl.com (Postfix) with ESMTP id F04F012D0F9 for <tls@ietf.org>; Sun, 10 Jul 2016 03:51:21 -0700 (PDT)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=ppp-49-237-162-110.revip6.asianet.co.th;
To: tls@ietf.org
References: <20160527171935.11166.82258.idtracker@ietfa.amsl.com>
From: Peter Dettman <peter.dettman@bouncycastle.org>
Message-ID: <7a3597ae-92b8-23c8-b2c3-357f6fdb6792@bouncycastle.org>
Date: Sun, 10 Jul 2016 17:51:06 +0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.1.1
MIME-Version: 1.0
In-Reply-To: <20160527171935.11166.82258.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 8bit
X-Authenticated-User: peter.dettman@bouncycastle.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/onEkdgH30eZgWs8v5Rp-CUqCHds>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Jul 2016 10:51:24 -0000
Hi,
I've just implemented these ciphersuites in BouncyCastle TLS, and have a
couple of questions:
In Section 3., should
TLS_ECDHE_PSK_WITH_AES_256_CCM_8_SHA256 = {0xTBD,0xTBD};
end with ...SHA384 instead?
For the AES-256 cipher suites, the TLS PRF with SHA-384 as the hash
function SHALL be used and Clients and Servers MUST NOT negotiate
curves of less than 384 bits.
requires SHA384 as the PRF, and I don't know what else SHA256 could
refer to for an AEAD ciphersuite.
I'm also curious whether there is a precedent in other RFCs for an
explicit minimum curve bits, or perhaps a de facto implementer's rule?
Regards,
Pete Dettman
On 28/05/2016 12:19 AM, internet-drafts@ietf.org wrote:
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Transport Layer Security of the IETF.
>
> Title : ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for Transport Layer Security (TLS)
> Authors : John Mattsson
> Daniel Migault
> Filename : draft-ietf-tls-ecdhe-psk-aead-00.txt
> Pages : 7
> Date : 2016-05-27
>
> Abstract:
> This document defines several new cipher suites for the Transport
> Layer Security (TLS) protocol. The cipher suites are all based on
> the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key
> (ECDHE_PSK) key exchange together with the Authenticated Encryption
> with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK
> provides light and efficient authentication, ECDHE provides perfect
> forward secrecy, and AES-GCM and AES-CCM provides encryption and
> integrity protection.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/
>
> There's also a htmlized version available at:
> https://tools.ietf.org/html/draft-ietf-tls-ecdhe-psk-aead-00
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Sean Turner
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Sean Turner
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… g_e_montenegro
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… g_e_montenegro
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Dan Harkins
- [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-aead-0… internet-drafts
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Peter Dettman
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… John Mattsson
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… John Mattsson
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Nikos Mavrogiannopoulos
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Nikos Mavrogiannopoulos
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-ecdhe-psk-ae… Daniel Migault