Re: [TLS] consensus on adopting draft-mcgrew-tls-aes-ccm and draft-mcgrew-tls-aes-ccm-ecc

"Dan Harkins" <dharkins@lounge.org> Thu, 01 December 2011 20:02 UTC

Return-Path: <dharkins@lounge.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F7DC11E80EF for <tls@ietfa.amsl.com>; Thu, 1 Dec 2011 12:02:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.265
X-Spam-Level:
X-Spam-Status: No, score=-6.265 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T44PfqqGW4dz for <tls@ietfa.amsl.com>; Thu, 1 Dec 2011 12:02:19 -0800 (PST)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by ietfa.amsl.com (Postfix) with ESMTP id 5DC7E11E8147 for <tls@ietf.org>; Thu, 1 Dec 2011 12:01:27 -0800 (PST)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id EDCAC20054; Thu, 1 Dec 2011 12:01:26 -0800 (PST)
Received: from 216.31.249.246 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Thu, 1 Dec 2011 12:01:27 -0800 (PST)
Message-ID: <418f9612c158e2e611ca393bc07a4d41.squirrel@www.trepanning.net>
In-Reply-To: <107EC16E-ACCD-4DC7-A4F1-1EA5434C154C@cisco.com>
References: <107EC16E-ACCD-4DC7-A4F1-1EA5434C154C@cisco.com>
Date: Thu, 01 Dec 2011 12:01:27 -0800
From: Dan Harkins <dharkins@lounge.org>
To: Joe Salowey <jsalowey@cisco.com>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: tls@ietf.org
Subject: Re: [TLS] consensus on adopting draft-mcgrew-tls-aes-ccm and draft-mcgrew-tls-aes-ccm-ecc
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Dec 2011 20:02:20 -0000

On Wed, November 30, 2011 1:34 pm, Joe Salowey wrote:
> The chairs would like to see if there is consensus in the TLS working
> group to adopt draft-mcgrew-tls-aes-ccm and draft-mcgrew-tls-aes-ccm-ecc
> as working group items.  These drafts define AES-CCM cipher suites for
> TLS.  The Zigbee smart energy group has interest in these drafts.   These
> drafts only deal with a AES-CCM and not with Zigbee's AES-CCM* which is a
> super set of AES-CCM.  The authors are requesting standards track for
> these ciphers.  Please note that there is an IPR declaration listed for
> draft-mcgrew-tls-aes-ccm-ecc available here:
> https://datatracker.ietf.org/ipr/1443/.  This declaration has been updated
> from previous declarations.   Please respond to the following by December
> 14, 2011 :
>
> - Do you object to taking these drafts on as working group items? (Please
> state the reason for you objection)

  No.

> - Would you contribute time to review and provide text for the documents
> when needed?

  Yes.

> - Do you object to standards track status for these documents?(Please
> state the reason for you objection)

  I have a mild objection. There is no point in doing CCM. GCM is faster,
if you're gonna implement an AEAD scheme implement GCM. If you really want
a 2-pass AEAD scheme you can use RFC 5297 and you get misuse-resistance
for free (basically the security of the mode does not collapse if you
reuse a nonce/counter). The only group I know pushing CCM is actually
pushing CCM* and, as you note, this isn't CCM*.

  Dan.