[Ietf-krb-wg] Camellia-CTS for Kerberos
Luke Howard
lukeh at padl.com
Mon May 10 09:25:59 EDT 2010
The users/lhoward/camellia-ccm branch of MIT Kerberos contains an implementation of both CCM and CMAC, for both AES and Camellia. The mandatory checksum type for the CCM enctypes is CMAC. (However, as mentioned before, integrity in CCM is provided through CBC-MAC.)
#define ENCTYPE_AES128_CCM_128 -64
#define ENCTYPE_AES256_CCM_128 -65
#define ENCTYPE_CAMELLIA128_CCM_128 -66
#define ENCTYPE_CAMELLIA256_CCM_128 -67
#define CKSUMTYPE_CMAC_128_AES128 -64
#define CKSUMTYPE_CMAC_128_AES256 -65
#define CKSUMTYPE_CMAC_128_CAMELLIA128 -66
#define CKSUMTYPE_CMAC_128_CAMELLIA256 -67
-- Luke
On 09/05/2010, at 8:47 PM, Luke Howard wrote:
> Regarding implementing Camellia-CCM (admittedly otherwise unspecified and off-topic), would one prefer the mandatory Kerberos checksum type to be SHA-1 (-512?) or CMAC? (Note this is orthogonal to the use of CBC-MAC in CCM itself.)
>
> CMAC is arguably more consistent with CCM (see NIST 800-38C section 5.2).
>
> -- Luke
> _______________________________________________
> ietf-krb-wg mailing list
> ietf-krb-wg at lists.anl.gov
> https://lists.anl.gov/mailman/listinfo/ietf-krb-wg
>
--
www.padl.com | www.thisismagnolia.net
More information about the Kerberos
mailing list