Yoav Nir ynir.i...@gmail.com wrote:
Second issue is about UI advice. Some implementations (yes, mine is
included) allow the user to configure encryption algorithm, MAC
algorithm, and D-H group. There is no setting for PRF since such UIs
date back to IKEv1. The PRF is usually
Here's the reason that we do use the 32-bit salt value for GCM - to prevent
batching attacks.
Consider the case that an attacker is able to collect packets from a billion
(2^30) sessions; each such session contains a packet with the same IV (say,
IV=0), and contains a packet with the same
On Mar 31, 2015, at 1:49 PM, Tero Kivinen kivi...@iki.fi wrote:
Yoav Nir writes:
First is the nonce/IV question: In the current draft, there is a
64-bit IV with guidance not to repeat them (so use a counter or
LFSR). The function itself accepts a 96-bit input nonce, so the
nonce is
Subject: [IPsec] Two questions about draft-ietf-ipsecme-chacha20-poly1305-00
Hi,
There are two questions I would like guidance from the group about.
First is the nonce/IV question: In the current draft, there is a 64-bit IV
with guidance not to repeat them (so use a counter or LFSR
Yoav Nir writes:
First is the nonce/IV question: In the current draft, there is a
64-bit IV with guidance not to repeat them (so use a counter or
LFSR). The function itself accepts a 96-bit input nonce, so the
nonce is constructed from the 64-bit IV and 32 zero bits. The reason
for doing this
Hi,
There are two questions I would like guidance from the group about.
First is the nonce/IV question: In the current draft, there is a 64-bit IV with
guidance not to repeat them (so use a counter or LFSR). The function itself
accepts a 96-bit input nonce, so the nonce is constructed from the
Arrgh. Please don’t reply-all to my previous message, because it was mistakenly
directed to I-D announce…
On Mar 30, 2015, at 5:39 PM, Yoav Nir ynir.i...@gmail.com wrote:
Hi,
There are two questions I would like guidance from the group about.
First is the nonce/IV question: In the
-Original Message-
From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Yoav Nir
Sent: Monday, March 30, 2015 10:40 AM
To: internet-dra...@ietf.org
Cc: ipsec@ietf.org; i-d-annou...@ietf.org
Subject: [IPsec] Two questions about draft-ietf-ipsecme-chacha20-poly1305-00
Hi