Thanks for the pointer, Russ. This is a useful point of reference in several
regards.
-- Mike
From: Russ Housley [mailto:[email protected]]
Sent: Sunday, November 18, 2012 4:45 AM
To: Mike Jones
Cc: IRTF CFRG; [email protected]
Subject: Re: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01
Have you looked at the algorithm in RFC 6476? While the discussion is
CMS-specific, the algorithm could be used with another syntax.
Russ
On Nov 12, 2012, at 1:55 PM, Mike Jones wrote:
As background, if there was a version of this spec that did not assume that the
parameters would be concatenated together in a specific way, but left them as
independent inputs and outputs, as AES GCM and AES CTR do, it would be a better
match for JOSE's use case.
-- Mike
From: [email protected]
[mailto:[email protected]] On Behalf Of David McGrew (mcgrew)
Sent: Monday, November 12, 2012 10:21 AM
To: [email protected]; [email protected]
Subject: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01
Hi,
There is a new version of "Authenticated Encryption with AES-CBC and HMAC-SHA",
and I would appreciate your review. It is online at
<https://datatracker.ietf.org/doc/draft-mcgrew-aead-aes-cbc-hmac-sha2/?include_text=1>
The diff between the current and the previous version is available at
<http://www.ietf.org/rfcdiff?url2=draft-mcgrew-aead-aes-cbc-hmac-sha2-01>
This draft has been proposed for use in the JOSE WG
<http://datatracker.ietf.org/wg/jose/>, where its adoption would allow the
working group to omit "raw"
unauthenticated encryption, e.g. AES-CBC, and only include authenticated
encryption. Thus I am asking for your help in making
John Foley generated test cases that correspond to the current version of the
draft, but I didn't include these in the draft because I did not yet get
confirmation from a second independent implementation. With hope, there will
not be any need for any normative changes, and I will include these after I get
confirmation.
Thanks,
David