Now that we've preliminarily decided to allow both the 128-bit and 256-bit columns in IKEv2-SCSI (T10/07-449), the next straw poll for the group is to decide which symmetric encryption mode to mandate for IKEv2-SCSI.  The choices are as follows:
<br><br>a) AES-GCM; or<br>b) AES-CBC-HMAC-SHA<br clear="all"><br>GCM is generally faster in both software and hardware implementations.&nbsp; CBC-HMAC-SHA is currently FIPS 140-2-approved (SP 800-38A + FIPS 198a + FIPS 180-2).&nbsp; However, NIST will likely approve SP 800-38D (GCM) by the time IKEv2-SCSI is finished.
<br><br>Please check with your crypto dudes and let David Black and me know which choice you prefer, and whether this is a strong preference.&nbsp; I&#39;m hoping we can resolve this by the next CAP security conference call, or Vegas at the latest.
<br><br>-- <br>Thanks!<br>Matt Ball<br>IEEE SISWG Chair<br>303-717-2717<br><a href="http://www.linkedin.com/in/matthewvball">http://www.linkedin.com/in/matthewvball</a>