
Re: [Cfrg] AES Key Wrap with Pad



  Hi Russ,

  This draft addresses a shortcoming in AES Key Wrap (RFC 3394) but I
still have to ask "why?"

  Using this new version of AES Key Wrap will require a new code point
and if that's the case why not just use AES-SIV (RFC 5297)? It allows
for wrapping of arbitrarily-sized keys (which is the enhancement your
new I-D adds to AES Key Wrap) but also has the ability to accept
associated data.

  A key wrapping algorithm that accepts associated data is valuable to
protocols which need to distribute wrapped keys. They can bind the
message containing the key to the wrapping and/or include shared state
to prevent cut-and-paste attacks. And it obviates the need to
do an additional HMAC-foo over the entire message.

  While this I-D provides an improvement on AES Key Wrap, it seems to
me that it's putting a turbo-charger on a Volkswagen Bug when you could
drive a Ferrari instead.

  regards,

  Dan.

On Sat, March 28, 2009 10:28 am, Russ Housley wrote:
> http://www.ietf.org/internet-drafts/draft-housley-aes-key-wrap-with-pad-02.txt
>
> I want to make sure that the CFRG is aware of this document.
>
> Russ
>