Hi David, Do you know if NIST is planning on producing a block cipher based method for key derivation? It would be nice to get away with only AES. One approach would be to keep the AES-CBC cipher AES only and let implementations that are concerned about FIPS 140 have the choice of implementing the SHA-256 cipher.
Thanks, Joe > -----Original Message----- > From: David McGrew (mcgrew) > Sent: Thursday, October 12, 2006 5:09 AM > To: Joseph Salowey (jsalowey) > Cc: emu@ietf.org > Subject: Re: [Emu] GPSK Open Issues - mandatory ciphersuites > > Hi Joe, > > a ciphersuite consisting of AES-CBC and AES-CMAC seems > reasonable, but we should strive to make sure that the method > that derives keys for these algorithms is FIPS-140 approved, > so that a module implementing all three methods can be > validated. The KDFs defined in draft-dang-nistkdf-01.txt > meet this requirement, but would require that a hash function > like SHA-256 be present. Still, this seems like a decent way > to go because at least it keeps SHA-256 out of the data- > processing path, and the alternate ciphersuite that you > mention has it there. > > David > > On Oct 3, 2006, at 3:04 PM, Joseph Salowey ((jsalowey)) wrote: > > > Here is my suggestion for resolving the ciphersuite issue: > > > > We need to define a small set (preferably one, maybe two) > of mandatory > > to implement ciphersuites for GPSK. The mandatory to > implement ciphers > > should exercise the features of GPSK. This would suggest that it > > should be a block cipher based ciphersuite. It seems a reasonable > > choice is AES-CBC with AES-CMAC. This makes use of a single base > > algorithm using relatively simple modes of operation. > > > > The HMAC-SHA256 ciphersuite should also be described, but is not > > mandatory to implement. > > > > Does this seem reasonable? Any objections? > > > > Thanks, > > > > Joe > > > > _______________________________________________ > > Emu mailing list > > Emu@ietf.org > > https://www1.ietf.org/mailman/listinfo/emu > > _______________________________________________ Emu mailing list Emu@ietf.org https://www1.ietf.org/mailman/listinfo/emu
