draft-zauner-tls-aes-ocb-04 is now implemented in BouncyCastle TLS, and I am looking for other implementations for interop testing.

Regards,
Pete Dettman

On 6/04/2016 9:47 PM, Aaron Zauner wrote:
> Hi,
>
> I've uploaded a new version of the OCB draft a few days ago. Major changes:
>
> - the nonce construction is now identical to the one from the chacha/poly
>   draft to reduce risk of nonce misuse/reuse
> - added a security considerations section on data limit under a single key
>   (identical to GCM)
> - IPR claims for TLS are now fully resolved as far as I can tell - the draft
>   contains updated information on the issue
>
> I'm happy to receive any feedback/critique on the draft if anyone is
> interested in reviewing.
>
> BTW: Andy Polyakov has added AESNI optimized assembly for OCB to OpenSSL
> (https://github.com/openssl/openssl/commit/bd30091c9725bdad1c82bce10839f33ceaa5623b).
> C/B numbers are quite impressive, IMO.
>
> Thanks for your consideration,
> Aaron

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls