Hi,

I've just implemented these ciphersuites in BouncyCastle TLS, and have a
couple of questions:

In Section 3., should

    TLS_ECDHE_PSK_WITH_AES_256_CCM_8_SHA256 = {0xTBD,0xTBD};

end with ...SHA384 instead?

    For the AES-256 cipher suites, the TLS PRF with SHA-384 as the hash
    function SHALL be used and Clients and Servers MUST NOT negotiate
    curves of less than 384 bits.

requires SHA384 as the PRF, and I don't know what else SHA256 could
refer to for an AEAD ciphersuite.

I'm also curious whether there is a precedent in other RFCs for an
explicit minimum curve bits, or perhaps a de facto implementer's rule?

Regards,
Pete Dettman

On 28/05/2016 12:19 AM, [email protected] wrote:
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Transport Layer Security of the IETF.
>
> Title : ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites
> for Transport Layer Security (TLS)
> Authors : John Mattsson
> Daniel Migault
> Filename : draft-ietf-tls-ecdhe-psk-aead-00.txt
> Pages : 7
> Date : 2016-05-27
>
> Abstract:
> This document defines several new cipher suites for the Transport
> Layer Security (TLS) protocol. The cipher suites are all based on
> the Ephemeral Elliptic Curve Diffie-Hellman with Pre-Shared Key
> (ECDHE_PSK) key exchange together with the Authenticated Encryption
> with Associated Data (AEAD) algorithms AES-GCM and AES-CCM. PSK
> provides light and efficient authentication, ECDHE provides perfect
> forward secrecy, and AES-GCM and AES-CCM provides encryption and
> integrity protection.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-psk-aead/
>
> There's also a htmlized version available at:
> https://tools.ietf.org/html/draft-ietf-tls-ecdhe-psk-aead-00
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> TLS mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/tls
>
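
Added example, not part of the original message, the draft, or BouncyCastle: a Python check of a suite name and negotiated curve against the AES-256 rule quoted in the message. It assumes, as the message does, that the hash suffix of an AEAD suite name identifies the PRF hash; check_suite, SUITE_RE and CURVE_BITS are hypothetical names, and the ...SHA384 variant used in the demo is constructed from the message's suggestion.

```python
import re

# Field sizes in bits of three standard TLS named curves.
CURVE_BITS = {"secp256r1": 256, "secp384r1": 384, "secp521r1": 521}

# ECDHE_PSK AEAD suite names of the shape discussed in the message.
# CCM_8 is listed before CCM so the longer token is tried first.
SUITE_RE = re.compile(
    r"^TLS_ECDHE_PSK_WITH_AES_(128|256)_(GCM|CCM_8|CCM)_(SHA\d+)$")


def check_suite(name, curve):
    """Return the violations of the quoted AES-256 rule (empty list if none).

    Only the rule quoted in the message is enforced: AES-256 suites use the
    SHA-384 PRF and must not negotiate curves of less than 384 bits.
    Nothing is checked for AES-128 suites, since the message quotes no rule
    for them.
    """
    m = SUITE_RE.match(name)
    if m is None:
        raise ValueError("not an ECDHE_PSK AEAD suite name: %r" % name)
    if curve not in CURVE_BITS:
        raise ValueError("unknown curve: %r" % curve)

    key_bits, suffix = int(m.group(1)), m.group(3)
    problems = []
    if key_bits == 256:
        # Assumption: the name's hash suffix names the PRF hash.
        if suffix != "SHA384":
            problems.append(
                "name ends in %s but AES-256 suites use the SHA-384 PRF"
                % suffix)
        if CURVE_BITS[curve] < 384:
            problems.append(
                "%s is %d bits; AES-256 suites need at least 384"
                % (curve, CURVE_BITS[curve]))
    return problems


if __name__ == "__main__":
    # The first name is the one from the message; the second is constructed.
    for suite, curve in [
        ("TLS_ECDHE_PSK_WITH_AES_256_CCM_8_SHA256", "secp256r1"),
        ("TLS_ECDHE_PSK_WITH_AES_256_CCM_8_SHA384", "secp384r1"),
    ]:
        print(suite, curve, check_suite(suite, curve) or "ok")
```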