Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Re: [STDS-P1619] E-MOTION 2013-10: Approve P1619r/D23 for Sponsor Ballot

Approve with Comments:

  1. In D.4.1 "General XEX transform", on page 25, line 7, I recommend removing the Editor's Note and replacing it with text such as this:  "In contrast to XEX, XTS-AES uses two keys to provide a tighter security bound (see section D.4.3)."
  2. In D.4.2, we should be able to replace the security bound with the original tighter bound of 4.5 q^2/2^n + epsilon (instead of a coefficient of 9.5) if we use the following reference:  K. Minematsu. “Improved Security Analysis of XEX and LRW Modes.” Selected Areas in Cryptography- SAC’06, LNCS 4356, pp.96-113, 2007.
  3. In D.4.3, I recommend removing this sentence: "This separation is a specific example of separation of key usage by purpose and is considered a good security design practice (see NIST Key Management Guidelines [B9], part 1, Section 5.2)".   Liskov and Minematsu (see [Liskov and Minematsu]) go through some trouble to explain how this text confuses the word 'purpose' as NIST intends it versus the way that it is used in P1619.  To avoid being taunted a second time, we should just remove the sentence.
  4. I recommend adding text to D.4.3. to reference [B12] so that we can show the security of ciphertext stealing.  Proposed text, to be inserted at the end of the first paragraph: "The final difference between XEX and XTS-AES is that XTS-AES allows for encrypting non-multiples of the underlying cipher width by using the ciphertext stealing technique.  Ciphertext stealing is shown to be secure in [B12]."
  5. I recommend adding the following reference for [Liskov and Minematsu].  (Note that due to the U.S. government shutdown, NIST's website is down.  However, it is possible to get a cached version by using this search at cache: )

[Liskov and Minematsu]: Moses Liskov and Kazuhiko Minematsu, "Comments on XTS-AES", Sept 2, 2008, See .


On Sat, Oct 5, 2013 at 10:25 AM, Eric Hibbard <Eric.Hibbard@xxxxxxx> wrote:

E-MOTION 2013-10: Approve P1619r/D23 for sponsor ballot

The IEEE Security in Storage Working Group (SISWG) authorizes the IEEE P1619r editor to submit draft D23 with approved changes for sponsor ballot.  This motion allows for editorial changes and minor corrections to be made to the draft before ballot without a re-vote in the working group. If after approval of this motion, major changes to P1619r are deemed necessary by the SISWG, this vote shall be voided and a new vote shall be required for the working group to submit the draft standard to sponsor ballot.


E-Voting opens: October 07, 202013, 5:00am Pacific
E-Voting closes: November 06, 2013, 5:00pm Pacific

Eligible E-voters:

Eric Hibbard
Luther Martin
Erik Anderson
Matt Ball
Landon Noll

Jim Hatfield

Voting Details:

Each voting IEEE SISWG member shall vote one of the following positions:

  1. Approve (Affirmative with or without Comments)
  2. Do Not Approve
    (Negative with Comments - the reasons for a negative vote shall be given and shall include specific wording or actions that, if implemented, would resolve the objection)
  3. Abstain (Abstention with Comment – the reason for an abstain vote shall be given)

Note: All other votes, e.g. “Negative without comments”, shall be considered an “abstain.”
Note: The specific wording or actions provided with a Negative with Comments ballot will be used to better understand what specific issues the balloter has with the document. Negotiations or other conversations may be necessary to actually make changes that satisfy the negative balloter. Overly broad comments such as “I don’t think we should be standardizing this” or “I don’t like this document” are not specific and will be considered an “abstain” absent other specific comments on that ballot.

Non-voting members of SISWG may also offer comments on the draft during the ballot period, but the working group is under no obligation to consider them.


All ballot responses and any associated comments must be sent to the presiding officer (Eric Hibbard eric.hibbard@xxxxxxx) and should also be sent to the SISWG email d-list (STDS-P1619@xxxxxxxxxxxxxxxxx) before the close of the ballot. The results of the ballot will be posted shortly after the ballot closes.


CTO Security and Privacy


International Representative, INCITS TC CS1 Cyber Security

Co-Chair, Cloud Security Alliance (CSA) – International Standardization Council (ISC)

Co-Chair, American Bar Association – SciTech Law – eDiscovery & Digital Evidence Committee

Vice Chair, American Bar Association – SciTech Law – Cloud Computing Committee

Chair, IEEE Information Assurance Standards Committee (IASC)

Chair, SNIA Security Technical Work Group

Vice Chair, IEEE Security in Storage Work Group (P1619)


2825 Lafayette Street
Santa Clara, CA 95050-2639
P 408.970.7979/ C 408.314.0515


Matt Ball
Cell: 303-717-2717