[babel] rather than ripemd160...
Dave Taht <dave.taht@gmail.com> Mon, 26 November 2018 12:43 UTC
Return-Path: <dave.taht@gmail.com>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 5C6E8126CC7
for <babel@ietfa.amsl.com>; Mon, 26 Nov 2018 04:43:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.877
X-Spam-Level:
X-Spam-Status: No, score=-0.877 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URI_HEX=1.122]
autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id gBRyqtWM--bN for <babel@ietfa.amsl.com>;
Mon, 26 Nov 2018 04:43:47 -0800 (PST)
Received: from mail-qt1-x82a.google.com (mail-qt1-x82a.google.com
[IPv6:2607:f8b0:4864:20::82a])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id A8F6A12D4EA
for <babel@ietf.org>; Mon, 26 Nov 2018 04:43:47 -0800 (PST)
Received: by mail-qt1-x82a.google.com with SMTP id p17so17276313qtl.5
for <babel@ietf.org>; Mon, 26 Nov 2018 04:43:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=mime-version:from:date:message-id:subject:to
:content-transfer-encoding;
bh=jti0zm07ZBdSZ4EzqOL/k3n1/qx0+GHZ7qN7UkI2P0U=;
b=cXrf3cgWRxH4Q0ZvJLokx0Np/r3g5DpEy4Wv3okUEeD0PLuWb/n+TCiPnaC+h7Amp8
VUPbkNRhpuz0Z/vN9Bp7V6aCfcrXaM+e0crYZ5PcNt7PobuoJBa0SXSD2ECxSHZk0QoV
xGrubCDrUKGkdN1fpq+sdL+0e7OMi4FeWHjnpamImOdOTH4vmvdSXCvz/uyzcu43cWmK
2D5U32r4Py3F2sv1mE2RPckQzPqr+/5qRwgv4jDeoyv0GUTJq/T0QLj28bxbiY/yw65/
PoWHZEvTidxafmqrslqRyRBns3ozAXNXKlxSmoG2CdOXwJ05VLtHwv5LU4lf1mL9Q3Lr
D2lw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:from:date:message-id:subject:to
:content-transfer-encoding;
bh=jti0zm07ZBdSZ4EzqOL/k3n1/qx0+GHZ7qN7UkI2P0U=;
b=KU+/Ur8VX0xjTvbGpEa9k7ReDcmkuQ0pGOOebV24n/bDEZoa15KiBj6lfo9kb9EQh/
FdQVV9Cmm3RJcDZAxh0dkQvP0ZWtraIniAc4J4hXaBRoLQIzLCBG3kJ8xchLfWoa6Jp6
pDPjqeBF2BZGLj+Ex2YkGfa+EMvvRQOAUmxWlzrUCeqCKXw8/0p9a/2YHiTH8G5Ew/Cs
iLXY0TJ21wa4yw3rRXOHvJNeQ5lHu7l8tBMUiUDMp7pvR03lPr86u44r6T+jP1X4RoU/
Qe7MWXsL79pvJ74EEY8vp/w5qVvXa8fS1ptMRcxjG5WeJsTCvIoJwhdJMn9cURhy9m70
AHRw==
X-Gm-Message-State: AGRZ1gIg8dPrS8MToiLRXZDToxFko/S9nFmse9e3eXbniVa2s1N18Cpm
xXc1Wd9tZOKNqJFkkjdlKiUBIJ6WSy4tQQPxbKB80uf1
X-Google-Smtp-Source: AJdET5dP+EMD5ix9pXF++9Ru/1wF+IsW80TEmZ3Va83aZ+OxJqkmxWjxoLAjU53nRZLJBuG6Ijap5xZdPn3BPMbbeeM=
X-Received: by 2002:ac8:3065:: with SMTP id g34mr26265208qte.136.1543236226608;
Mon, 26 Nov 2018 04:43:46 -0800 (PST)
MIME-Version: 1.0
From: Dave Taht <dave.taht@gmail.com>
Date: Mon, 26 Nov 2018 04:43:34 -0800
Message-ID: <CAA93jw5fHRm21yEJsabiiOF1ZP7Zh3M_gEgRo0imBOpRGhf0qA@mail.gmail.com>
To: babel-users <babel-users@lists.alioth.debian.org>,
Babel at IETF <babel@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/hDdSmYNWYn7SRez7AmmNynCdwOs>
Subject: [babel] rather than ripemd160...
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol."
<babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>,
<mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>,
<mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Nov 2018 12:43:49 -0000
I have been fiddling with the hmac-challenge branch and deeply unhappy at the prospect of how much cpu this may end up consuming on the cheap MIPs routers common today (which are, admittedly, rapidly being replaced by cheap ARM ones). (let's not talk about dtls) Anyway, the default hash function is sha256 in the hmac-challenge branch. I approve, there's hardware support for it, and if someone breaks it, civilization collapses, so an alternate hmac is a "good to have", and what's in that branch... is ripemd160. Both blake and siphash seem like a superior choice for an alternate hmac function to ripemd160. In particular blake is subject of its own RFC, and comes in several clean highly optimized versions for x86 and arm architectures. https://blake2.net/ - https://www.131002.net/siphash/siphash.pdf ? -- Dave Täht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-205-9740
- [babel] rather than ripemd160... Dave Taht
- Re: [babel] rather than ripemd160... Juliusz Chroboczek
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- [babel] HMAC and MTI [was: rather than ripemd160.… Juliusz Chroboczek
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- Re: [babel] HMAC and MTI [was: rather than ripemd… Markus Stenberg
- Re: [babel] HMAC and MTI [was: rather than ripemd… Toke Høiland-Jørgensen
- [babel] HMAC Key rotation key format (was ripemd) Dave Taht
- Re: [babel] HMAC and MTI [was: rather than ripemd… Juliusz Chroboczek
- Re: [babel] HMAC Key rotation key format (was rip… Mahesh Jethanandani
- Re: [babel] [Babel-users] rather than ripemd160... STARK, BARBARA H
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- Re: [babel] HMAC Key rotation key format (was rip… Toke Høiland-Jørgensen
- Re: [babel] HMAC Key rotation key format (was rip… Dave Taht
- Re: [babel] HMAC Key rotation key format (was rip… Toke Høiland-Jørgensen
- Re: [babel] [Babel-users] rather than ripemd160... David Schinazi
- Re: [babel] [Babel-users] HMAC Key rotation key f… David Schinazi
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- Re: [babel] [Babel-users] rather than ripemd160... Juliusz Chroboczek
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] rather than ripemd160... David Schinazi
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- [babel] DTLS and hmac co-existence Dave Taht
- Re: [babel] [Babel-users] DTLS and hmac co-existe… David Schinazi
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] HMAC Key rotation key f… Dave Taht
- Re: [babel] [Babel-users] rather than ripemd160... Dave Taht
- Re: [babel] [Babel-users] DTLS and hmac co-existe… Dave Taht
- Re: [babel] [Babel-users] HMAC Key rotation key f… Ted Lemon
- Re: [babel] [Babel-users] rather than ripemd160... Markus Stenberg
- Re: [babel] [Babel-users] rather than ripemd160... Toke Høiland-Jørgensen
- [babel] Blake2S, blake2B or neither? [was: rather… Juliusz Chroboczek
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Toke Høiland-Jørgensen
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Markus Stenberg
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Juliusz Chroboczek
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Toke Høiland-Jørgensen
- Re: [babel] Blake2S, blake2B or neither? [was: ra… Juliusz Chroboczek
- Re: [babel] [Babel-users] Blake2S, blake2B or nei… Dave Taht
- Re: [babel] [Babel-users] HMAC Key rotation key f… Juliusz Chroboczek
- Re: [babel] HMAC Key rotation key format (was rip… Juliusz Chroboczek
- Re: [babel] HMAC Key rotation key format (was rip… Dave Taht
- Re: [babel] HMAC Key rotation key format (was rip… Markus Stenberg