At the expense of generating some confusion, here is my take on this:
The objection is to having to carry multiple integrity checksums in
GPSK, if we used the combined mode *and* an integrity algorithm.
I think CCM is fine for instance, the only catch is that we need to
make sure and define AAD for CCM carefully to include appropriate
data into the integrity checksum calculation. So, once we define CCM
as the mode, we shouldn't need AES-CMAC-128 if encryption is being used.
I would suggest using CCM and specifying the use of it fully so it
can be used without misunderstandings. If you want me to put some
time into writing that up, let me know.
cheers,
Lakshminath
At 10:55 PM 8/20/2006, Hannes Tschofenig wrote:
Hi all,
the current version of the document
http://tools.ietf.org/wg/emu/draft-clancy-emu-eap-shared-secret-01.txt
still supports AES-EAX:
+-----------+----+-------------+---------------+--------------------+
| CSuite/ | KS | Encryption | Integrity | Key Derivation |
| Specifier | | | | Function |
+-----------+----+-------------+---------------+--------------------+
| 0x000001 | 16 | AES-EAX-128 | AES-CMAC-128 | GKDF-128 |
+-----------+----+-------------+---------------+--------------------+
At the IETF#66 EMU meeting AES CCM was suggested.
Later, it got the impression that AES-CBC was more appreciated.
Should we update the draft with AES-CBC?
Ciao
Hannes
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www1.ietf.org/mailman/listinfo/emu
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www1.ietf.org/mailman/listinfo/emu