Have you looked at the algorithm in RFC 6476? While the discussion is CMS-specific, the algorithm could be used with another syntax.

Russ

On Nov 12, 2012, at 1:55 PM, Mike Jones wrote:

> As background, if there was a version of this spec that did not assume that
> the parameters would be concatenated together in a specific way, but left
> them as independent inputs and outputs, as AES GCM and AES CTR do, it would
> be a better match for JOSE’s use case.
>
> -- Mike
>
> From: [email protected] [mailto:[email protected]] On Behalf Of David
> McGrew (mcgrew)
> Sent: Monday, November 12, 2012 10:21 AM
> To: [email protected]; [email protected]
> Subject: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01
>
> Hi,
>
> There is a new version of "Authenticated Encryption with AES-CBC and
> HMAC-SHA", and I would appreciate your review. It is online at
> <https://datatracker.ietf.org/doc/draft-mcgrew-aead-aes-cbc-hmac-sha2/?include_text=1>
> The diff between the current and the previous version is available at
> <http://www.ietf.org/rfcdiff?url2=draft-mcgrew-aead-aes-cbc-hmac-sha2-01>
>
> This draft has been proposed for use in the JOSE WG
> <http://datatracker.ietf.org/wg/jose/> , where its adoption would allow the
> working group to omit "raw" unauthenticated encryption, e.g. AES-CBC, and
> only include authenticated encryption. Thus I am asking for your help in
> making
>
> John Foley generated test cases that correspond to the current version of the
> draft, but I didn't include these in the draft because I did not yet get
> confirmation from a second independent implementation. With hope, there
> will not be any need for any normative changes, and I will include these
> after I get confirmation.
>
> Thanks,
>
> David
> _______________________________________________
> Cfrg mailing list
> [email protected]
> http://www.irtf.org/mailman/listinfo/cfrg
