Dear all / authors of draft-mcgrew-tls-aes-ccm,
I'm trying to implement TLS_PSK_WITH_AES_128_CCM_8
[draft-mcgrew-tls-aes-ccm-03], which is the mandatory-to-implement
cipher suite for implementations of the Constrained Application
Protocol [draft-ietf-core-coap-08] in DTLS PSK mode.
It's surprisingly difficult to find some of the security parameters
for this cipher suite. It would be great if someone could confirm the
following values:
prf_algorithm = tls_prf_sha256
bulk_cipher_algorithm = aes
cipher_type = aead
enc_key_length = 16 octets
block_length = 16 octets
fixed_iv_length = 4 octets
record_iv_length = 8 octets
mac_algorithm = null
mac_length = 0 octets
mac_key_length = 0 octets
verify_data_length = 12 octets
Another quite unobvious thing is the value of the
GenericAEADCipher.nonce_explicit field. Maybe something like the
following text could be added to the draft?
GenericAEADCipher.nonce_explicit MUST be the
64-bit sequence number (TLS) or the 16-bit epoch
concatenated with the 48-bit sequence_number
(DTLS).
Thanks,
Klaus
_______________________________________________
TLS mailing list
TLS@...
https://www.ietf.org/mailman/listinfo/tls
