Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Re: [802.3_NGECDC] Single twisted pair, 1km CFI slide review



JB/Bob-

Encryption has been out of scope for 802.3 work for 35 years.
I see no compelling reason to change now.
It is not within the 802.3 skill set nor would be appropriate to bundle with a PHY project.

These considerations belong in 802.1

Best regards,

	Geoff Thompson


> On Mar 2, 2016, at 5:48 PMPST, Joseph Byrne <joseph.byrne@xxxxxxx> wrote:
> 
> Robert,
> 
> For the reasons you supplied (speed and scalability) GCM is preferred. Moreover, MACsec is often implemented in the MAC. Deviating from accepted practice would mean either forcing the industry to always put it in the PHY or for MACs to support both versions. Neither is acceptable, especially in light of the acceptance GCM has garnered since the days of 11i. Moreover, I think predicating 1000Base-T1 on developing a new MACsec standard would slow the process of developing -T1.
> 
> JB
> 
> -----Original Message-----
> From: Robert Moskowitz [mailto:rgm@xxxxxxxxxxxxxxxxxxxx] 
> Sent: Wednesday, March 02, 2016 5:00 PM
> To: STDS-802-3-NGECDC@xxxxxxxxxxxxxxxxx
> Subject: Re: [802.3_NGECDC] Single twisted pair, 1km CFI slide review
> 
> I will add one more item to consider, and that is security.
> 
> Security for 802.3 frames is provided by 802.1AE which specifies the AES GCM mode of operation.  GCM was specifically developed back for 802.3ah
> (EPON) and is designed for fast, parallelizable operation. This is achieved at a cost to memory over CCM which was developed for 802.11i and is used in 802.15.4 as well.
> 
> An oft discussion is GCM or CCM, and in constrained environments, CCM typically wins.  As such this work should include a matching effort in
> 802.1 to add CCM to 802.1AE.
> 
> This is a first-level evaluation of the cost of security for LRE devices and more discussion and research will be needed.