Re: applying AES-GCM to secure shell: proposed "tweak"

To: Niels Möller <nisse%lysator.liu.se@localhost>
Subject: Re: applying AES-GCM to secure shell: proposed "tweak"
From: Nicolas Williams <Nicolas.Williams%sun.com@localhost>
Date: Wed, 15 Apr 2009 16:13:40 -0500

On Wed, Apr 15, 2009 at 11:05:52PM +0200, Niels Möller wrote:
> der Mouse <mouse%Rodents-Montreal.ORG@localhost> writes:
> 
> >> It doesn't need to be ignored, but the order does matter.  AEAD-*
> >> algorithms must appear first in the order list.
> >
> > That's completely unextendable; what happens when another algorithm is
> > added that also "must appear first"?
> 
> Agreed. That's not acceptable.
> 
> And besides that, it should be possible to express old-fashioned
> preferences, like "I really like triple-DES, but if you don't support
> it, I'll go with AEAD as a fallback".

Right.  My proposal (MAC algs nego irrelvant when AEAD cipher chosen)
allows that.

References:
- applying AES-GCM to secure shell: proposed "tweak"
  - From: Tim Polk
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Niels Möller
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Nicolas Williams
- RE: applying AES-GCM to secure shell: proposed "tweak"
  - From: James Blaisdell
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Niels Möller

Prev by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Previous by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Thread: RE: applying AES-GCM to secure shell: proposed "tweak"
Indexes:

Home | Main Index | Thread Index | Old Index