Hi All,

Forgive me if this has been discussed and I missed it. But, to improve quantum resistance should the draft recommend AES-256 over AES-128? I realize that the RFC 4493 construction specifically uses AES-128, but is there any barrier to using AES-256?

Similarly, the draft says that the "MAC tag SHOULD be 128 bits long" but doesn't describe any situations where the MAC tag would be another length. Given that tags that are not an integer multiple of 32-bit words violate RFC 5905 and it appears that MAC tags that are not 128 bits in length also violate RFC 5905. (In practice ntp.org's ntpd handles MAC tags up to 160 bits in length gracefully, but RFC 5905 appears to restrict MAC tag length to 128 bits.) If there are situations where the MAC tags MAY be a length other than 128 bits, it would probably be useful to articulate the criteria for acceptable MAC tag lengths.

Cheers,
Matt

On Wed, Aug 09, 2017 at 04:53:43AM +0000, Karen O'Donoghue wrote:
> Folks,
>
> This begins a three week working group last call (WGLC) for "Message
> Authentication Code for the Network Time Protocol"
> https://datatracker.ietf.org/doc/draft-ietf-ntp-mac/
>
> Please review and provide comments to the mailing list by no later than 31
> August 2017. Earlier comments and discussion would be appreciated. Please
> note that the chairs will be using this WGLC to determine consensus to move
> this document forward to the IESG.
>
> Also, as a reminder, we have migrated the working group mailing list to IETF
> infrastructure. Please respond to [email protected]<mailto:[email protected]>.
>
> Regards,
> Karen and Dieter
> _______________________________________________
> ntp mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/ntp

-- 
Matthew Van Gundy, Technical Leader
Advanced Security Initiatives Group
Cisco Systems, Inc.
_______________________________________________
TICTOC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tictoc
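An added example, not part of the original message or of the draft: it computes the NTP MAC trailer with AES-CMAC under a 128-bit and a 256-bit key and shows that the tag stays 128 bits in both cases, with a verifier that rejects any other tag length. It assumes the Python `cryptography` package, a 48-byte header with no extension fields, and constructed key IDs, keys and header bytes.

```python
import struct
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import cmac
from cryptography.hazmat.primitives.ciphers import algorithms

NTP_HEADER_LEN = 48  # fixed NTP header; no extension fields (assumption)
KEY_ID_LEN = 4       # 32-bit key identifier that precedes the tag
TAG_LEN = 16         # CMAC tag = one AES block = 128 bits for every key size

def ntp_mac_trailer(key_id, key, header):
    """Return key identifier || AES-CMAC(key, header)."""
    if len(header) != NTP_HEADER_LEN:
        raise ValueError("expected a 48-byte NTP header")
    mac = cmac.CMAC(algorithms.AES(key))  # AES() takes 16-, 24- or 32-byte keys
    mac.update(header)
    return struct.pack("!I", key_id) + mac.finalize()

def verify_ntp_mac(keys, packet):
    """True only if the packet carries a valid 128-bit tag under a known key."""
    trailer = packet[NTP_HEADER_LEN:]
    if len(trailer) != KEY_ID_LEN + TAG_LEN:
        return False  # strict policy: any tag length other than 128 bits fails
    (key_id,) = struct.unpack("!I", trailer[:KEY_ID_LEN])
    key = keys.get(key_id)
    if key is None:
        return False
    mac = cmac.CMAC(algorithms.AES(key))
    mac.update(packet[:NTP_HEADER_LEN])
    try:
        mac.verify(trailer[KEY_ID_LEN:])  # constant-time comparison
    except InvalidSignature:
        return False
    return True

# Constructed sample data: a client-mode header and two illustrative keys.
HEADER = bytes([0x23]) + bytes(47)
KEYS = {1: bytes(range(16)), 2: bytes(range(32))}  # AES-128 and AES-256 keys

if __name__ == "__main__":
    for kid, key in KEYS.items():
        pkt = HEADER + ntp_mac_trailer(kid, key, HEADER)
        print(f"AES-{len(key) * 8}: packet {len(pkt)} bytes, "
              f"tag {pkt[52:].hex()}, valid={verify_ntp_mac(KEYS, pkt)}")
```
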
