Re: [Emu] Review of draft-ietf-emu-eap-gpsk-08 (1st round of comments)

To: "Charles Clancy" <clancy at cs.umd.edu>
Subject: Re: [Emu] Review of draft-ietf-emu-eap-gpsk-08 (1st round of comments)
From: "Dan Harkins" <dharkins at lounge.org>
Date: Fri, 27 Jun 2008 12:45:33 -0700 (PDT)
Cc: Hannes Tschofenig <hannes.tschofenig at gmx.net>, emu at ietf.org
Delivered-to: ietfarch-emu-web-archive at core3.amsl.com
Delivered-to: emu at core3.amsl.com
Importance: Normal
In-reply-to: <486501B9.1060601@cs.umd.edu>
List-archive: <http://www.ietf.org/pipermail/emu>
List-help: <mailto:emu-request@ietf.org?subject=help>
List-id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-post: <mailto:emu@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
References: <47E95784.8060407@cs.umd.edu> <486501B9.1060601@cs.umd.edu>
Sender: emu-bounces at ietf.org
User-agent: SquirrelMail/1.4.14 [SVN]

  Hi Charles,

On Fri, June 27, 2008 8:05 am, Charles Clancy wrote:
[snip]
>> S6 and elsewhere: Several places in the document assume that KS (key
>> size of the ciphersuite) is always the same as the MAC output length.
>> This would make it difficult to define ciphersuites based on
>> e.g. AES-CMAC-256. If this restriction is intentional (and WG is happy
>> with it), at the very least it needs to be emphasized much more.
>
> I'm not sure what AES-CMAC-256 means.  RFC 4493 defines CMAC
> specifically for 128 length AES, so if you wanted to something involving
> 256, you'd need to define exactly what AES-CMAC-256 was, and I imagine
> it would have a 256-bit input and a 256-bit output.  Regardless, I added
> a statement in the key derivation section saying the input and output
> lengths of your ciphersuite must be equal.

  CMAC is defined in NIST SP 800-38B and section D.3 deals with the
instance of CMAC-AES-256 (with test vectors!). It takes a 256-bit key
and, like all AES-based MACs, produces a 128-bit digest.

  regards,

  Dan.



_______________________________________________
Emu mailing list
Emu at ietf.org
https://www.ietf.org/mailman/listinfo/emu

References:
- Re: [Emu] Review of draft-ietf-emu-eap-gpsk-08 (1st round of comments)
  - From: Charles Clancy

Prev by Date: [Emu] I-D Action:draft-ietf-emu-eap-gpsk-09.txt
Next by Date: Re: [Emu] I-D Action:draft-ietf-emu-eap-gpsk-09.txt
Previous by thread: Re: [Emu] Review of draft-ietf-emu-eap-gpsk-08 (1st round of comments)
Next by thread: Re: [Emu] Review of draft-ietf-emu-eap-gpsk-08 (1st round of comments)
Index(es):
- Date
- Thread

Re: [Emu] Review of draft-ietf-emu-eap-gpsk-08 (1st round of comments)

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.