
Re: [Cfrg] Re: universal MACs



Dan,

thanks for posting the links to the new info. It is interesting work. I encourage you to consider writing up an internet draft on this MAC and then moving it to an informational RFC if there is interest; my guess is that there will be plenty of interest. There was discussion about generating an RFC for UMAC a while back, which shows the interest in this area (there was a UMAC draft, but never an RFC, nor were test vectors published IIRC).

For others on the list: anyone else interested in implementing the MAC? It would be great to hear a 'second' on the test vectors, and it would be interesting to hear about implementation experience in other environments. In particular, it will be useful to hear how the hash performs on platforms which lack fast floating-point multiplies, but which have a decent integer-based multiply (see Section 5 of "The Poly1305-AES message-authentication code").

David

On Jan 13, 2005, at 10:58 PM, D. J. Bernstein wrote:

I wrote, a couple of months ago:
I've just posted http://cr.yp.to/papers.html#poly1305, introducing and
analyzing Poly1305-AES, a 128-bit MAC.

As a followup: The Poly1305-AES paper will appear in the Fast Software Encryption 2005 proceedings. Today I've posted http://cr.yp.to/mac.html with C API details, a reference implementation, and some tests.

The main piece missing from the web page at this point is my optimized
implementation; stay tuned. In the meantime, I'll be happy to answer any
questions that people have about security, the API, protocol use, etc.


---D. J. Bernstein, Associate Professor, Department of Mathematics,
Statistics, and Computer Science, University of Illinois at Chicago

_______________________________________________
Cfrg mailing list
Cfrg at ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg

