Proposal to include additional cryptographic algorithms in the NTPSec implementation (Richard Laager)

Sarath _Msft_ s_msft at outlook.com
Tue Jan 28 19:37:17 UTC 2025


Thank you for your response. I am not a cryptography expert either - so perhaps crypto experts even from Microsoft may have a different take on this.
> The RFC does specifically say that "Server implementations... MUST support AEAD_AES_SIV_CMAC_256." (RFC 8915, section 4.1.
This is a requirement for a standards-compliant implementation, no doubt, but limiting an implementation to only this algorithm type seems to limit the flexibility made available in NTS-KE AEAD algorithm negotiation (also in Section 4.1.5 of RFC 8915).
I can give one more compelling reason for this proposal besides finding matching algorithms between OpenSSL and SymCrypt libraries.
Based on my (admittedly limited) reading, NTS-NTP appears to be the primary RFC taking a dependency on AES_SIV_CMAC algorithms. The additional algorithms suggested for inclusion see widespread use and have common name recognition among administrators and users, in addition to being common to both the OpenSSL and SymCrypt libraries. Adding support for these algorithms will give users a choice of readily recognizable crypto algorithms and, in my opinion, help lower the barriers for adoption of the NTS-NTP protocol.
RFC 8915 is an important protocol and standards-compliant implementations further interoperability. Having said that, I am unable to comment on future releases from Microsoft at this time.
-Sarath