[babel] Blake2S, blake2B or neither? [was: rather than ripemd160...]

Juliusz Chroboczek <jch@irif.fr> Fri, 30 November 2018 11:24 UTC

Return-Path: <jch@irif.fr>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A60A4130DD2 for <babel@ietfa.amsl.com>; Fri, 30 Nov 2018 03:24:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e1PELCYlJmBF for <babel@ietfa.amsl.com>; Fri, 30 Nov 2018 03:24:02 -0800 (PST)
Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 449E812D4EC for <babel@ietf.org>; Fri, 30 Nov 2018 03:24:02 -0800 (PST)
Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/82085) with ESMTP id wAUBNsCM023586; Fri, 30 Nov 2018 12:23:54 +0100
Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 63BF429F11; Fri, 30 Nov 2018 12:24:00 +0100 (CET)
X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr
Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id dTUlYuLTXkAL; Fri, 30 Nov 2018 12:23:57 +0100 (CET)
Received: from pirx.irif.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id 8534329F08; Fri, 30 Nov 2018 12:23:52 +0100 (CET)
Date: Fri, 30 Nov 2018 12:23:52 +0100
Message-ID: <87in0e6c6v.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Toke =?ISO-8859-1?Q?H=F8iland-J=F8rgensen?= <toke@toke.dk>
Cc: Markus Stenberg <markus.stenberg@iki.fi>, Dave =?ISO-8859-1?Q?T=E4ht?= <dave@taht.net>, babel-users <babel-users@lists.alioth.debian.org>, babel@ietf.org
In-Reply-To: <87woouq24j.fsf@toke.dk>
References: <CAA93jw5fHRm21yEJsabiiOF1ZP7Zh3M_gEgRo0imBOpRGhf0qA@mail.gmail.com> <87in0koun6.wl-jch@irif.fr> <87in0kx98o.fsf@toke.dk> <CAA93jw5gaYgyUX-ABX156_TnFX25Sy5SLyuRgd28fMLfRW4UHA@mail.gmail.com> <871s78x7z0.fsf@toke.dk> <2D09D61DDFA73D4C884805CC7865E6114DF44154@GAALPA1MSGUSRBF.ITServices.sbc.com> <87pnurwo5e.fsf@toke.dk> <CAPDSy+5QDu_kW-f=JWO1cPJJnDwDNpVwxwVC9SxfcE5+EOMpRg@mail.gmail.com> <87o9a9v3c6.fsf@toke.dk> <875zwhxv28.wl-jch@irif.fr> <8736rl16yj.fsf@taht.net> <87lg5cxuql.fsf@taht.net> <1C6B19AE-EAA7-4329-A364-8E4C059DAC01@iki.fi> <87woouq24j.fsf@toke.dk>
User-Agent: Wanderlust/2.15.9
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset=US-ASCII
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [194.254.61.138]); Fri, 30 Nov 2018 12:23:54 +0100 (CET)
X-Miltered: at korolev with ID 5C011DCA.001 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)!
X-j-chkmail-Enveloppe: 5C011DCA.001 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/<jch@irif.fr>
X-j-chkmail-Score: MSGID : 5C011DCA.001 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000
X-j-chkmail-Status: Ham
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/eKTEbsnT09aQdljSdpX867oydw0>
Subject: [babel] Blake2S, blake2B or neither? [was: rather than ripemd160...]
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Nov 2018 11:24:05 -0000

>> With these numbers, I withdraw my support of including anything else
>> than SHA256 as MTI. I think specifying Blake2B or 2S as well makes
>> sense (mostly for crypto robustness reasons for having alternative
>> that is specified) but making it MAY-SHOULD seems sensible to me.

> I can probably live with that :)

Excellent, it looks like we're converging.  Thanks to both of you for the
informative and kind discussion.

At this stage, I see four possibilities:

  (1) leave the document as it is;
  (2) add a mention that implementation of Blake2S is RECOMMENDED (SHOULD);
  (3) add a mention that implementation of Blake2B is RECOMMENDED;
  (4) add a mention that implementation of both 2B and 2S is RECOMMENDED.

I am in favour of (1), since I am convinced that SHA256 is fast enough for
all reasonable devices.  (2) makes sense to me, and I won't oppose it.
I'll need some convincing in order to do (3) or (4), since Blake2B does
not appear bring any significant speed advantage over SHA256.

In either case, I'm planning to implement SHA256, Blake2B and Blake2S in
the reference implementation.

-- Juliusz