[Gen-art] Gen-ART LC review of draft-gutmann-cms-hmac-enc-05
Alexey Melnikov <alexey.melnikov@isode.com> Fri, 08 July 2011 20:24 UTC
Return-Path: <alexey.melnikov@isode.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1573D21F8D07; Fri, 8 Jul 2011 13:24:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZJOId5sdfyeF; Fri, 8 Jul 2011 13:24:01 -0700 (PDT)
Received: from rufus.isode.com (rufus.isode.com [62.3.217.251]) by ietfa.amsl.com (Postfix) with ESMTP id C3AC221F8CE8; Fri, 8 Jul 2011 13:24:00 -0700 (PDT)
Received: from [188.28.19.130] (188.28.19.130.threembb.co.uk [188.28.19.130]) by rufus.isode.com (submission channel) via TCP with ESMTPA id <ThdnWwB=gLW5@rufus.isode.com>; Fri, 8 Jul 2011 21:23:57 +0100
Message-ID: <4E17672C.1050005@isode.com>
Date: Fri, 08 Jul 2011 21:23:08 +0100
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915
X-Accept-Language: en-us, en
To: draft-gutmann-cms-hmac-enc.all@tools.ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: gen-art@ietf.org, iesg@ietf.org
Subject: [Gen-art] Gen-ART LC review of draft-gutmann-cms-hmac-enc-05
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jul 2011 20:24:05 -0000
I am the assigned Gen-ART reviewer for this draft. For background on
Gen-ART, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
Please resolve these comments along with any other Last Call comments
you may receive.
Document: draft-gutmann-cms-hmac-enc-05
Reviewer: Alexey Melnikov
Review Date: 2011-07-08
IETF LC End Date: 2011-07-20
IESG Telechat date: 2011-08-11
Summary: This draft is almost ready for publication as a standard track
RFC.
Major issues: none
Minor issues:
3. CMS Encrypt-and-Authenticate Overview
Conventional CMS encryption uses a content encryption key (CEK) to
encrypt a message payload. Authenticated encryption requires two
keys, one for encryption and a second one for authentication. Like
other mechanisms that use authenticated encryption, this document
employs a pseudorandom function (PRF) to convert a single block of
keying material into the two keys required for encryption and
authentication. This converts the standard CMS encryption operation:
KEK( CEK ) || CEK( data )
It would be good to expand KEK on the first use.
Also, it would have been nice to specify all parameters here and below,
so that it is clear where MAC-K and CEK-K are used.
into:
KEK( master_secret ) || MAC( CEK( data ) )
where the MAC and encryption keys are derived from the master_secret
via:
MAC-K := PRF( master_secret, "authentication" );
CEK-K := PRF( master_secret, "encryption" );
4.2. Rationale
Using a fixed-length key rather than making it a user-selectable
parameter is done for the same reason as AES' quantised key lengths:
there's no benefit to allowing, say, 137-bit keys over basic 128- and
256-bit lengths, it adds unnecessary complexity, and if the lengths
are user-defined then there'll always be someone who wants keys that
go up to 12.
Excuse my ignorance, but what does "go up to 12" (and "go to 11"
elsewhere) mean?
Nits/editorial comments: none
(id-nits reports one Downref, but it was called out in the IETF LC
announcement)
- [Gen-art] Gen-ART LC review of draft-gutmann-cms-… Alexey Melnikov