TSCH and CCM security proofs

Email thread available at: https://mailarchive.ietf.org/arch/msg/6tisch/40DjZyw7J_B5hIGhKhHEvErIYbQ

Proposed resolution:

Implementations MUST use different link-layer keys when using different authentication tag (MIC) lengths, as using the same key with different authentication tag lengths might be unsafe. For example, this prohibits the usage of the same key for both MIC-32 and MIC-64 levels. See Annex B.4.3 of {{IEEE802.15.4}} for more information.

Comments (2)