[Cfrg] Truncation of tag for ChaCha/Poly1305
"Jim Schaad" <ietf@augustcellars.com> Fri, 07 August 2015 18:13 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 121B71A8712 for <cfrg@ietfa.amsl.com>; Fri, 7 Aug 2015 11:13:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.2
X-Spam-Level:
X-Spam-Status: No, score=-1.2 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c5VwvXYyLbvP for <cfrg@ietfa.amsl.com>; Fri, 7 Aug 2015 11:13:49 -0700 (PDT)
Received: from smtp1.pacifier.net (smtp1.pacifier.net [64.255.237.171]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8B6A1A86F6 for <cfrg@irtf.org>; Fri, 7 Aug 2015 11:13:48 -0700 (PDT)
Received: from hebrews (c-24-21-96-37.hsd1.or.comcast.net [24.21.96.37]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jimsch@nwlink.com) by smtp1.pacifier.net (Postfix) with ESMTPSA id 592AB2CA32 for <cfrg@irtf.org>; Fri, 7 Aug 2015 11:13:48 -0700 (PDT)
From: Jim Schaad <ietf@augustcellars.com>
To: cfrg@irtf.org
Date: Fri, 07 Aug 2015 11:14:11 -0700
Message-ID: <0a4101d0d13c$dc891a40$959b4ec0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Content-Language: en-us
Thread-Index: AdDRPInad3I/pRS7T1G5ZArc9WhFfw==
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/c4UvjpPrABxDYZrJODfr99VJMck>
Subject: [Cfrg] Truncation of tag for ChaCha/Poly1305
X-BeenThere: cfrg@mail.ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.mail.ietf.org>
List-Unsubscribe: <https://mail.ietf.org/mailman/options/cfrg>, <mailto:cfrg-request@mail.ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@mail.ietf.org>
List-Help: <mailto:cfrg-request@mail.ietf.org?subject=help>
List-Subscribe: <https://mail.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@mail.ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Aug 2015 18:13:50 -0000
I was looking at this algorithm for inclusion in a document that I am working on and I came up with the following question. Are there any security considerations that are involved with truncating the tag? I expect the standard warning that the odds of forgery are related to the length of the tag. My question is are there any other issues that I am missing. I did not see anything in RFC7539 about truncating the tag. Jim
- [Cfrg] Truncation of tag for ChaCha/Poly1305 Jim Schaad
- Re: [Cfrg] Truncation of tag for ChaCha/Poly1305 Ilari Liusvaara
- Re: [Cfrg] Truncation of tag for ChaCha/Poly1305 Taylor R Campbell