The SEED Encryption Algorithm
draft-lee-rfc4009bis-02
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2012-08-22
|
02 | (System) | post-migration administrative database adjustment to the No Objection position for Brian Carpenter |
|
2012-08-22
|
02 | (System) | post-migration administrative database adjustment to the Yes position for Russ Housley |
|
2005-06-12
|
02 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
|
2005-06-06
|
02 | Michael Lee | IESG state changed to Approved-announcement sent |
|
2005-06-06
|
02 | Michael Lee | IESG has approved the document |
|
2005-06-06
|
02 | Michael Lee | Closed "Approve" ballot |
|
2005-06-06
|
02 | Russ Housley | [Ballot Position Update] Position for Russ Housley has been changed to Yes from Discuss by Russ Housley |
|
2005-06-06
|
02 | Russ Housley | State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Russ Housley |
|
2005-06-01
|
02 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
|
2005-06-01
|
02 | (System) | New version available: draft-lee-rfc4009bis-02.txt |
|
2005-05-27
|
02 | (System) | Removed from agenda for telechat - 2005-05-26 |
|
2005-05-26
|
02 | Amy Vezza | State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Amy Vezza |
|
2005-05-26
|
02 | Russ Housley | [Ballot discuss] The issue raise in Brian's comment appears to be a technical error. Please correct the error, and then the document can be … [Ballot discuss] The issue raise in Brian's comment appears to be a technical error. Please correct the error, and then the document can be approved. |
|
2005-05-26
|
02 | Russ Housley | [Ballot Position Update] Position for Russ Housley has been changed to Discuss from Yes by Russ Housley |
|
2005-05-26
|
02 | Brian Carpenter | [Ballot Position Update] Position for Brian Carpenter has been changed to No Objection from Discuss by Brian Carpenter |
|
2005-05-26
|
02 | Brian Carpenter | [Ballot comment] Apparent text ambiguities (from review by Joel Halpern): This is nearly ready for publication as an informational RFC. However, it still retains ambiguities … [Ballot comment] Apparent text ambiguities (from review by Joel Halpern): This is nearly ready for publication as an informational RFC. However, it still retains ambiguities that seem distinctly undesirable. The algorithm in section 2 reads: Input : (L, R) for i = 1 to 15 L = R, R = L ^ F(Ki, R) L = L ^ F(K16, R), R=R Output : (L, R) The problem with this is that, as written, this appears t discard the upper 64 bits of key each time through. I presume that the intent is to save the original R, use the original L and R, and end up with the old R in L and the new R in R. i.e. T = R; R = L ^ F(Ki, R); L = T; Presumably the authors intended comma separated expressions in pseudo code to be simultaneous assignment. Most readers won't read it that way. Such usage is at best confusing. This is also the only section where the lack of explicit definition for the pseudo-code language matters. But it does matter here. It would be helpful if the division of blocks (or keys) into parts in sections 2 and 2.1 was more explicit (as section 2.2 is) about which part gets the more significant bits, and which part gets the less significant bits. The reader can guess, but guessing is not good specification. Thus, the L and R of section 2 should indicate which block is the most significant 64 bits of the input block. Similarly, Section 2.1 should explicitly indicate which block (R0 and R1) is the more significant 32 bits of R. And Ki0 and Ki1 should explicitly state which portions of the Ki input they correspond to. I believe the authors intended the reader to make assumptions based on the notation (L, R), but since this notation is never defined, such assumptions are unwarranted. Section 2.2 does this properly. I don't know if it matters, but I can not find the definitions of m0, m1, m2, and m3 in section 2.2. (It does not seem to matter much, since the actual usage of the m's is captured in teh relationship between the S and SS values, which are documented in the appendix.) |
|
2005-05-26
|
02 | Margaret Cullen | [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman |
|
2005-05-26
|
02 | Mark Townsley | [Ballot Position Update] New position, No Objection, has been recorded for Mark Townsley by Mark Townsley |
|
2005-05-26
|
02 | Bert Wijnen | [Ballot Position Update] Position for Bert Wijnen has been changed to No Objection from Undefined by Bert Wijnen |
|
2005-05-26
|
02 | Bert Wijnen | [Ballot comment] state in abstract that 4009 is obsoleted |
|
2005-05-26
|
02 | Bert Wijnen | [Ballot Position Update] New position, Undefined, has been recorded for Bert Wijnen by Bert Wijnen |
|
2005-05-25
|
02 | David Kessens | [Ballot Position Update] New position, No Objection, has been recorded for David Kessens by David Kessens |
|
2005-05-25
|
02 | Michelle Cotton | IANA Comments: We understand this document to have NO IANA Actions. |
|
2005-05-24
|
02 | Ted Hardie | [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie by Ted Hardie |
|
2005-05-24
|
02 | Scott Hollenbeck | [Ballot Position Update] New position, No Objection, has been recorded for Scott Hollenbeck by Scott Hollenbeck |
|
2005-05-23
|
02 | Brian Carpenter | [Ballot discuss] Apparent text ambiguities (from review by Joel Halpern): This is nearly ready for publication as an informational RFC. However, it still retains ambiguities … [Ballot discuss] Apparent text ambiguities (from review by Joel Halpern): This is nearly ready for publication as an informational RFC. However, it still retains ambiguities that seem distinctly undesirable. The algorithm in section 2 reads: Input : (L, R) for i = 1 to 15 L = R, R = L ^ F(Ki, R) L = L ^ F(K16, R), R=R Output : (L, R) The problem with this is that, as written, this appears t discard the upper 64 bits of key each time through. I presume that the intent is to save the original R, use the original L and R, and end up with the old R in L and the new R in R. i.e. T = R; R = L ^ F(Ki, R); L = T; Presumably the authors intended comma separated expressions in pseudo code to be simultaneous assignment. Most readers won't read it that way. Such usage is at best confusing. This is also the only section where the lack of explicit definition for the pseudo-code language matters. But it does matter here. It would be helpful if the division of blocks (or keys) into parts in sections 2 and 2.1 was more explicit (as section 2.2 is) about which part gets the more significant bits, and which part gets the less significant bits. The reader can guess, but guessing is not good specification. Thus, the L and R of section 2 should indicate which block is the most significant 64 bits of the input block. Similarly, Section 2.1 should explicitly indicate which block (R0 and R1) is the more significant 32 bits of R. And Ki0 and Ki1 should explicitly state which portions of the Ki input they correspond to. I believe the authors intended the reader to make assumptions based on the notation (L, R), but since this notation is never defined, such assumptions are unwarranted. Section 2.2 does this properly. I don't know if it matters, but I can not find the definitions of m0, m1, m2, and m3 in section 2.2. (It does not seem to matter much, since the actual usage of the m's is captured in teh relationship between the S and SS values, which are documented in the appendix.) |
|
2005-05-23
|
02 | Brian Carpenter | [Ballot Position Update] New position, Discuss, has been recorded for Brian Carpenter by Brian Carpenter |
|
2005-05-20
|
01 | (System) | New version available: draft-lee-rfc4009bis-01.txt |
|
2005-05-19
|
02 | Russ Housley | [Ballot Position Update] New position, Yes, has been recorded for Russ Housley |
|
2005-05-19
|
02 | Russ Housley | Ballot has been issued by Russ Housley |
|
2005-05-19
|
02 | Russ Housley | Created "Approve" ballot |
|
2005-05-19
|
02 | (System) | Ballot writeup text was added |
|
2005-05-19
|
02 | (System) | Last call text was added |
|
2005-05-19
|
02 | (System) | Ballot approval text was added |
|
2005-05-19
|
02 | Russ Housley | Placed on agenda for telechat - 2005-05-26 by Russ Housley |
|
2005-05-19
|
02 | Russ Housley | State Changes to IESG Evaluation from AD Evaluation by Russ Housley |
|
2005-05-19
|
02 | Russ Housley | Intended Status has been changed to Informational from None |
|
2005-05-19
|
02 | Russ Housley | State Changes to AD Evaluation from Publication Requested by Russ Housley |
|
2005-05-19
|
02 | Russ Housley | Draft Added by Russ Housley in state Publication Requested |
|
2005-05-02
|
00 | (System) | New version available: draft-lee-rfc4009bis-00.txt |