[TLS] Confirming Consensus on supporting only AEAD ciphers

"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Wed, 26 March 2014 18:43 UTC

Return-Path: <jsalowey@cisco.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF08D1A0392 for <tls@ietfa.amsl.com>; Wed, 26 Mar 2014 11:43:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vZVSoOxFyAvD for <tls@ietfa.amsl.com>; Wed, 26 Mar 2014 11:43:09 -0700 (PDT)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) by ietfa.amsl.com (Postfix) with ESMTP id 32E611A038B for <tls@ietf.org>; Wed, 26 Mar 2014 11:43:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=759; q=dns/txt; s=iport; t=1395859388; x=1397068988; h=from:to:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=DR8MT6rroQOBauPG1uRoRmJZ5pvIgmWVYNXZ53+MT+I=; b=arJUMqSiC9THl+axGKdvTTgMzQnV4pnzGI3OoquEus57E/meYyObmwj5 6ZDmJULCnXffgS62L33F+gh+hxuR+qdZjZzxgOWpJkn/Z3D5xlMpJd9nr Y6yWk3XoE2egiEcFxtxQLB8577VCVXRNoGKVL+pze/NPB8ThKJkThcvg6 U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AnsFABEfM1OtJXG9/2dsb2JhbABZgwaBEsQSFnSCLDpRAT5CJwSIDJ8ZsWwXkhyBFASYTZIzgy6CKw
X-IronPort-AV: E=Sophos;i="4.97,737,1389744000"; d="scan'208";a="313111695"
Received: from rcdn-core2-2.cisco.com ([173.37.113.189]) by rcdn-iport-3.cisco.com with ESMTP; 26 Mar 2014 18:43:07 +0000
Received: from xhc-aln-x15.cisco.com (xhc-aln-x15.cisco.com [173.36.12.89]) by rcdn-core2-2.cisco.com (8.14.5/8.14.5) with ESMTP id s2QIh7xF005881 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for <tls@ietf.org>; Wed, 26 Mar 2014 18:43:07 GMT
Received: from xmb-rcd-x09.cisco.com ([169.254.9.247]) by xhc-aln-x15.cisco.com ([173.36.12.89]) with mapi id 14.03.0123.003; Wed, 26 Mar 2014 13:43:07 -0500
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: Confirming Consensus on supporting only AEAD ciphers
Thread-Index: AQHPSSM6qiIeFUDRHUase0LCUT6SLg==
Date: Wed, 26 Mar 2014 18:43:07 +0000
Message-ID: <86E69268-DC0A-43E7-8CF5-0DAE39FD4FD5@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.33.248.91]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <05669CBBCB757E4AAD5FD12C16C133CF@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/uOg9coqQJrtnuhaHO2ne96nlX84
Subject: [TLS] Confirming Consensus on supporting only AEAD ciphers
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Mar 2014 18:43:11 -0000

TLS has supported a number of different cipher types for protecting the record layer.   In TLS 1.3 these include Stream Cipher, CBC Block Cipher and AEAD Cipher.  The construction of the CBC mode within TLS has been shown to be flawed and stream ciphers are not generally applicable to DTLS. Using a single mechanism for cryptographic transforms would make security analysis easier.   AEAD ciphers can be constructed from stream ciphers and block ciphers and are defined as protocol independent transforms.  The consensus in the room at IETF-89 was to only support AEAD ciphers in TLS 1.3. If you have concerns about this decision please respond on the TLS list by April 11, 2014.

Thanks,

Joe
[Speaking for the TLS chairs]