Re: [CFRG] options == bad?

Kai Mindermann <kai.mindermann@ic-consult.com> Mon, 22 August 2022 06:44 UTC

From: Kai Mindermann <kai.mindermann@ic-consult.com>
To: Manu Sporny <msporny@digitalbazaar.com>
CC: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "cfrg@irtf.org" <cfrg@irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/EyWCbbVtF8z3A9mKSkKzPHQ2CQA>

There wasn't that much of a response unfortunately then.

-----Original Message-----
From: Manu Sporny <msporny@digitalbazaar.com>
Sent: Saturday, 20 August 2022 19:27
To: Kai Mindermann <kai.mindermann@ic-consult.com>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>; cfrg@irtf.org
Subject: Re: [CFRG] options == bad?

On Thu, Aug 18, 2022 at 10:54 AM Kai Mindermann <kai.mindermann@ic-consult.com> wrote:
> sounds a lot like you are going for some of the ideas I presented/drafted in https://datatracker.ietf.org/doc/html/draft-kaimindermann-securecryptoconfig a while ago.

Interesting... I read through the entire draft. Yes, the concepts are very similar, though the W3C Verifiable Credentials WG isn't trying to go as far as establishing cryptoconfigs (as you call them) for the world.
We're just trying to define them for the Verifiable Credential Data Integrity work by building on top of established options in the COSE/JOSE algorithms registry... but (ideally) whittling them down to "one secure set of parameters for using a specific modern digital signature algorithm (e.g. ECDSA, EdDSA) for the next 5 years".

> It's of very big importance to leave as much of the decisions regarding crypto parameters to the crypto experts/libraries and only expose the needed parameters.

Yes, and the problem right now is that web developers (to take an example population) are choosing from ALL of the algorithms in the COSE/JOSE registry (without understanding what mixing any of the parameters together really means). The incentives for application-layer cryptography library implementers to implement algorithms in the registries are misaligned... the more algorithms and parameters they support, the more popular their library becomes (because no developer wants to switch out their cryptography libraries if they need to do something else in the future... so developers choose something that supports EVERYTHING! ... and then go on to make questionably uneducated guesses based on stackoverflow threads). Case in point: https://github.com/panva/jose

We've watched in horror as our cryptography software (17M weekly installs), which takes this "implement all the options kitchen sink approach", is used by inexperienced developers that continue to make some questionable parametric choices:
https://www.npmjs.com/package/node-forge

> (Of course, there can also still be an interface that allows all the possible parameters for power users / experts).

Yes, of course "expert interfaces" still need to exist... but be deactivated/turned off by default. Ideally, cryptographic suites are actively installed by the end developer as requirements for the application (and are not just randomly pulled in when you install the library). Use of deprecated/experimental features is explicitly turned on (with warnings spewed to the console/logs if possible).

> What I have no concrete idea about yet are tunable parameters, e.g. some of the argon2id parameters may depend on the runtime environment.

Yeah, that's more difficult, and we're not currently trying to tackle that beast. We're fairly narrowly focused on doing this correctly for digital signatures and key exchange. We'll have some proposals for CFRG to review in the coming months to see if we're on the right track.

Kai, what was the response to the concepts in your suggested I-D?

-- manu

--
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021) https://www.digitalbazaar.com/
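
The opt-in model discussed in this thread (suites with fixed parameters that the application installs explicitly, deprecated options off unless enabled and logged), sketched as an added example that is not part of the thread or of any library it mentions. The suite names and the `SuiteRegistry` class are hypothetical; Node.js's built-in `crypto` module is assumed.

```javascript
// Added illustration; every suite and class name below is hypothetical.
const crypto = require('crypto');

// A suite pins every parameter. Callers supply only a key and a message.
const ED25519_SUITE = Object.freeze({
  name: 'example-ed25519',
  deprecated: false,
  keyType: 'ed25519',
  sign: (key, data) => crypto.sign(null, data, key),
  verify: (key, data, sig) => crypto.verify(null, data, key, sig),
});

// Legacy suite kept only for the opt-in path; flagged as deprecated.
const RSA_SHA1_SUITE = Object.freeze({
  name: 'example-rsa-sha1',
  deprecated: true,
  keyType: 'rsa',
  sign: (key, data) => crypto.sign('sha1', data, key),
  verify: (key, data, sig) => crypto.verify('sha1', data, key, sig),
});

class SuiteRegistry {
  constructor(warn = console.warn) {
    this.suites = new Map(); // empty: nothing is usable until installed
    this.warn = warn;
  }
  install(suite, { allowDeprecated = false } = {}) {
    if (suite.deprecated && !allowDeprecated) {
      throw new Error(`${suite.name} is deprecated; pass allowDeprecated to opt in`);
    }
    if (suite.deprecated) this.warn(`WARNING: deprecated suite ${suite.name} enabled`);
    this.suites.set(suite.name, suite);
  }
  // Rejects suites that were never installed and keys of the wrong type.
  resolve(name, key) {
    const suite = this.suites.get(name);
    if (!suite) throw new Error(`suite ${name} is not installed`);
    if (key.asymmetricKeyType !== suite.keyType) {
      throw new Error(`${name} requires a ${suite.keyType} key`);
    }
    return suite;
  }
  sign(name, privateKey, data) {
    return this.resolve(name, privateKey).sign(privateKey, data);
  }
  verify(name, publicKey, data, sig) {
    return this.resolve(name, publicKey).verify(publicKey, data, sig);
  }
}
```
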