Hi, > I am referring to symmetric key encryption, signature, mode of > operations for constructing AEAD, and MAC. > (as you pointed out, we already have alternatives for public key encryption) > > Do you agree with the necessity of alternative algorithms?
I appreciate your concerns here, but I can only agree with it to some degree, and inclusion in this version of the BCP is probably not a good idea. Maybe adding a subsection on alternative algorithms in case of a crypto break-through (e.g. on AES) is an option, but even here I am skeptical. Adding equivalent alternatives in the BCP without that understanding would be agains the intention of the BCP, IMO. As for the algorithms, I have some doubts: > [Rationale] > symmetric key encryption: > * Camellia > - have different design policy (Feistel Structure) from AES > (SPN Structure) > - is implemented in OpenSSL 1.0.2, GnuTLS 3.3.5, NSS 3.15.1 and so on. Is it implemented in IE? Is it supported by Chrome? If the answer to one of these questions is No, it should not be included in the BCP. Same goes for Seed. I have no data here - anyone? > singnature: > * ECDSA > - is based on ECDLP (the security of RSA is based on > integer factring.) > - is implemented in OpenSSL 1.0.2, GnuTLS 3.3.5, NSS 3.15.1 and so on. Same questions. > mode of operations: - [CCM] I see no reason to include this here - support seems to be lacking. > MAC: - > * There is only HMAC as alternative algorithm and > And there is HMAC-SHA-3 as candidate of alternative hash function. Same reason here. Ralph -- Ralph Holz I8 - Network Architectures and Services Technische Universität München http://www.net.in.tum.de/de/mitarbeiter/holz/ Phone +49.89.289.18043 PGP: A805 D19C E23E 6BBB E0C4 86DC 520E 0C83 69B0 03EF _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
