
Re: [STDS-P1619] 1619r



Hi Glen,

Good catch!  Yes I agree that we need to include "in the data unit" in the second sentence.  Alternatively, we could drop the second sentence and modify the first sentence to have a limit of 2^20.  I think any of these approaches accomplish the goal of clarifying the requirement precisely.

See an additional comment in-line below:

Cheers,
-Matt


On Wed, Nov 27, 2013 at 10:46 AM, Glen Jaquette <jaquette@xxxxxxxxxx> wrote:

Matt,
From my point of view, I think I favor a variant of your 2nd option.   That is, I am OK with dropping the 1st sentence, but only if we modify the 2nd sentence to include the "in the data unit" qualifier that today only exists in the 1st sentence.  That is, specifically, the 2nd sentence should be changed from:

    The number of 128-bit blocks shall not exceed 2^20.

To:
    The number of 128-bit blocks in the data unit shall not exceed 2^20.


Also, with regards to the maximum amount of ciphertext recommended under a single XTS-AES key, which, it appears, is only addressed in Annex D, there were quite a few changes proposed to the numbers in section D.4.3.   Did you guys conclude on which exact set of numbers you proposed to be used in the next version of 1619?   If so, could you please send that set of numbers?  [Perhaps by incorporating whatever changes were agreed to in Annex D, and sending the revised version of Annex D.]

I believe that the latest draft (D24) shows the currently agreed-to numbers by the group.  If you find any mistakes or have any recommended changes in this section, I think the group would be interested to hear!
 
Regards,
                  Glen Jaquette
                  jaquette@xxxxxxxxxx
                  (520) 352-9146



From: Matt Ball <matt.ball@xxxxxxxx>
To: STDS-P1619@xxxxxxxxxxxxxxxxx,
Date: 11/23/2013 12:35 PM
Subject: Re: [STDS-P1619] 1619r




Hi Glen,

This is a good point that we missed earlier.  I think we can handle this in one of two ways:
    1. Revert the text to its previous contents, or
    2. Remove the first sentence so that the limit is now unambiguously 2^20 per data unit.
I recommend that we take the second option because this is more in line with NIST SP 800-38E (see http://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf) which reads:
    "The length of the data unit for any instance of an implementation of XTS-AES shall not exceed 2^20 AES blocks. Note that Subclause 5.1 of Ref.[2] recommends this limit but does not require it."

One of the goals of this revision is to make IEEE 1619rev and NIST SP 800-38E more in alignment, and this change would work towards that goal.

Would anyone object if we removed the first sentence (as in option 2) as an editorial change before starting Sponsor Ballot?

Cheers,
-Matt


On Sun, Nov 17, 2013 at 9:07 PM, Glen Jaquette <jaquette@xxxxxxxxxx> wrote:
    Guys,
    I apologize for missing the telecon.  But I have a question.  Previously, the only thing keeping the last two full sentences of this excerpt of 1619 was the words "shall" in the 1st and "should" in the 2nd.  This draft proposes to replace "should" with "shall" in the 2nd of those sentences -- which only then begs the question of why the modified 2nd sentence (i.e. with the "shall") is not a direct contradiction of the sentence which precedes it?



    Regards,
                      Glen Jaquette
                     
    jaquette@xxxxxxxxxx 

    Phone;  
    (520) 352-9146

    --
    Thanks!

    Matt Ball
    Cell: 303-717-2717




--
Thanks!

Matt Ball
Cell: 303-717-2717
