Re: [IPsec] Please review draft-ietf-ipsecme-chacha20-poly1305

2015-04-28 Thread Michael Richardson
Yoav Nir ynir.i...@gmail.com wrote: Is this diagram correct: some comment on the accuracy of my diagram would be appreciated :-) I think that the IANA considerations of ipsecme-chacha20-poly1305 should say something like, According to cfrg-chacha20, Poly-1305 is not

Re: [IPsec] Please review draft-ietf-ipsecme-chacha20-poly1305

2015-04-28 Thread Yoav Nir
On Apr 28, 2015, at 4:09 PM, Michael Richardson mcr+i...@sandelman.ca wrote: Yoav Nir ynir.i...@gmail.com wrote: Is this diagram correct: some comment on the accuracy of my diagram would be appreciated :-) I’ll get to that later. I think that the IANA considerations of

Re: [IPsec] Please review draft-ietf-ipsecme-chacha20-poly1305

2015-04-27 Thread Yoav Nir
On Apr 27, 2015, at 6:25 PM, Michael Richardson mcr+i...@sandelman.ca wrote: I read draft-ietf-ipsecme-chacha20-poly1305 on Friday last, and then found that I needed to further review draft-nir-cfrg-chacha20-poly1305-06 to better understand the questions in para 2 of the security

Re: [IPsec] Please review draft-ietf-ipsecme-chacha20-poly1305

2015-04-23 Thread Tero Kivinen
Valery Smyslov writes: I thought so as well. In the meantime, the TLS working group is discussing the same thing for TLS 1.3, and they are proposing to get rid of the salt (or IV) for AES-GCM as well as ChaCha20. http://www.ietf.org/mail-archive/web/tls/current/msg15884.html AFAIK

Re: [IPsec] Please review draft-ietf-ipsecme-chacha20-poly1305

2015-04-22 Thread Valery Smyslov
Hi Yoav, Hi, Valery. Thanks for the review. See my reply inline. Technical issues. 1. For the question raised in the draft: TBD: do we want an extra 32 bits as salt for the nonce like in GCM, or keep the salt (=SenderID) at zero? I prefer to follow GCM-like approach, i.e. to take

Re: [IPsec] Please review draft-ietf-ipsecme-chacha20-poly1305

2015-04-21 Thread Yoav Nir
Hi, Valery. Thanks for the review. See my reply inline. On Apr 21, 2015, at 7:19 PM, Valery Smyslov sva...@gmail.com wrote: Hi, this is my review of draft-ietf-ipsecme-chacha20-poly1305-02. I think that the draft is in a good shape. A few issues need to be resolved. Technical

Re: [IPsec] Please review draft-ietf-ipsecme-chacha20-poly1305

2015-04-21 Thread Valery Smyslov
Hi, this is my review of draft-ietf-ipsecme-chacha20-poly1305-02. I think that the draft is in a good shape. A few issues need to be resolved. Technical issues. 1. For the question raised in the draft: TBD: do we want an extra 32 bits as salt for the nonce like in GCM, or keep the

[IPsec] Please review draft-ietf-ipsecme-chacha20-poly1305

2015-03-30 Thread Paul Hoffman
Greetings. We have a new short draft in the WG, and would like to get reviews soon so we can move it into WG Last Call in about two weeks. We are not in a rush, but we also don't need to delay this too much. We have five committed reviewers, but it would very useful if we had a few more. If