Re: Defaults issues with AES-GCM from Wan-Teh Chang on 2013-04-18 (public-webcrypto@w3.org from April 2013)

From: Wan-Teh Chang <wtc@google.com>
Date: Wed, 17 Apr 2013 19:02:14 -0700
To: Richard Barnes <rbarnes@bbn.com>
Cc: Web Cryptography Working Group <public-webcrypto@w3.org>
Message-ID: <CALTJjxG6iF6s8-WfU1ByzY46VAnctSLbLMTGV8SY=xY1c7Vy3g@mail.gmail.com>

On Wed, Apr 17, 2013 at 5:52 PM, Richard Barnes <rbarnes@bbn.com> wrote:
>
> Proposed revised AesGcmParams:
>
> dictionary AesGcmParams : AlgorithmParameters {
>   ...
>   // The desired length of the authentication tag. May be 0 - 128.
>   [EnforceRange] octet? tagLength = 128;

The comment should say "length in bits".

A tagLength of 0 should be disallowed. Perhaps "May be 32 - 128" or
"May be 64 - 128".

We probably should also restrict tagLength to be a multiple of 8.

Wan-Teh

Received on Thursday, 18 April 2013 02:02:40 UTC