[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cfrg] comments on AES Key Wrap with Pad

To: "Russ Housley" <housley at vigilsec.com>
Subject: Re: [Cfrg] comments on AES Key Wrap with Pad
From: "Dan Harkins" <dharkins at lounge.org>
Date: Mon, 6 Apr 2009 12:29:41 -0700 (PDT)
Cc: dworkin at nist.gov, mcgrew at cisco.com, cfrg at irtf.org
Delivered-to: cfrg at core3.amsl.com
Importance: Normal
In-reply-to: <20090406180425.15C8A9A474D at odin.smetech.net>
List-archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-help: <mailto:cfrg-request@irtf.org?subject=help>
List-id: Crypto Forum Research Group <cfrg.irtf.org>
List-post: <mailto:cfrg@irtf.org>
List-subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
List-unsubscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
References: <20090328172818.1F6759A47B3 at odin.smetech.net> <B52B2A30-DEB6-41F7-ABB9-55BBC670B5F5 at cisco.com> <20090401205525.161C89A4726 at odin.smetech.net> <4366428E-4934-46CF-B210-CBC02C6FD038 at cisco.com> <20090406180425.15C8A9A474D at odin.smetech.net>
User-agent: SquirrelMail/1.4.14 [SVN]

  Hi Russ,

  This looks good. I suggest s/should not be tempted to/MUST NOT/
in the warning but it's probably fine as is.

  Thanks for addressing my comments,

  Dan.

On Mon, April 6, 2009 11:04 am, Russ Housley wrote:
> Dan & Dave:
>
> You have suggested things that should be added to the security
> considerations.  I'd prefer to back up a few hundred feet and see if
> some more general statements would be satisfactory.
>
> Key Criteria:  I'd rather use the guidance that already appears in
> NIST description for the AES Key Wrap.  That is:
>
>     The KEK must be at least as good as the keying material it is
> protecting.
>
> AEAD: I'd rather explain why an algorithm dedicated to key wrapping
> is desirable.  That is:
>
>     In the design of some high assurance cryptographic modules, it is
>     desirable to segregate cryptographic keying material from other data.
>     The use of a specific cryptographic mechanism solely for the
>     protection of cryptographic keying material can assist in this goal.
>     The AES Key Wrap and the AES Key Wrap with Pad are such mechanisms.
>     System designers should not be tempted to use these algorithms to
>     encrypt anything other than cryptographic keying material.
>
> Russ
>
>

References:
- [Cfrg] AES Key Wrap with Pad
  - From: Russ Housley
- [Cfrg] comments on AES Key Wrap with Pad
  - From: David McGrew
- Re: [Cfrg] comments on AES Key Wrap with Pad
  - From: Russ Housley
- Re: [Cfrg] comments on AES Key Wrap with Pad
  - From: David McGrew
- Re: [Cfrg] comments on AES Key Wrap with Pad
  - From: Russ Housley

Prev by Date: Re: [Cfrg] comments on AES Key Wrap with Pad
Next by Date: [Cfrg] DNSSEC considering adopting GOST R 34.10-2001 and GOST R 34.11-94
Previous by thread: Re: [Cfrg] comments on AES Key Wrap with Pad
Next by thread: [Cfrg] DNSSEC considering adopting GOST R 34.10-2001 and GOST R 34.11-94
Index(es):
- Date
- Thread