Re: [Cfrg] [TLS] NIST crypto group and HKDF (and therefore TLS 1.3)

Sean Turner <sean@sn3rd.com> Sat, 09 May 2020 23:33 UTC

Rich,

Check out SP 800-52r2. Section 3.1 includes the following:

servers … should be configured to negotiate TLS 1.3.

and

Agencies shall support TLS 1.3 by January 1, 2024.

“should” and “shall” are defined in RFC 2119. One could make the case that you are already there ;} If not, then I’m going to guess that SP 800-135r1, which includes a bunch of Application-Specific KDFs (e.g., IKEv2, TLS 1.2), needs a rev.

spt

> On May 9, 2020, at 09:07, Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org> wrote:
> 
> Sorry for the confusion I caused.
> 
> HKDF is part of SP 800-56C.  NIST says that what TLS 1.3 does isn't quite the same, and therefore will not be covered by 56C. NIST wants to get TLS 1.3 validated for FIPS, and is currently trying to figure out how to do so.  The comment period for 56C closes Friday, and getting the TLS 1.3 KDF accepted into that is one way to get TLS 1.3 into FIPS.
> 
> Hope this helps clear things up.