Re: [Cfrg] malicious DH base points [was Re: should the CFRG really strive for consensus?]

"Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> Sat, 03 January 2015 17:29 UTC

Return-Path: <Kenny.Paterson@rhul.ac.uk>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 749F11A90D2 for <cfrg@ietfa.amsl.com>; Sat, 3 Jan 2015 09:29:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SkCh9zGaMR_j for <cfrg@ietfa.amsl.com>; Sat, 3 Jan 2015 09:29:12 -0800 (PST)
Received: from emea01-am1-obe.outbound.protection.outlook.com (mail-am1on0653.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe00::653]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0CBE1A90B7 for <cfrg@irtf.org>; Sat, 3 Jan 2015 09:29:11 -0800 (PST)
Received: from DBXPR03MB383.eurprd03.prod.outlook.com (10.141.10.15) by DBXPR03MB382.eurprd03.prod.outlook.com (10.141.10.12) with Microsoft SMTP Server (TLS) id 15.1.49.12; Sat, 3 Jan 2015 17:28:47 +0000
Received: from DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) by DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) with mapi id 15.01.0049.002; Sat, 3 Jan 2015 17:28:47 +0000
From: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
To: Christoph Anton Mitterer <calestyo@scientia.net>, "cfrg@irtf.org" <cfrg@irtf.org>
Thread-Topic: [Cfrg] malicious DH base points [was Re: should the CFRG really strive for consensus?]
Thread-Index: AdAlEKR+j0vH2sKEQBKKNUfeAAj9hwAApFCAACszC4AACZplgABlEtMA
Date: Sat, 3 Jan 2015 17:28:46 +0000
Message-ID: <D0CDD192.3B6AB%kenny.paterson@rhul.ac.uk>
References: <20141231154418.6639764.33790.24403@certicom.com> <D0C9CE59.3B14A%kenny.paterson@rhul.ac.uk> <CALqxMTHaBg-XRWpQiLN5zo11=b24q8OgE6g0X_7F2nbtS+6FnA@mail.gmail.com> <1420132477.4562.6.camel@scientia.net>
In-Reply-To: <1420132477.4562.6.camel@scientia.net>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.7.141117
x-originating-ip: [78.146.61.145]
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Kenny.Paterson@rhul.ac.uk;
x-dmarcaction: None
x-microsoft-antispam: BCL:0;PCL:0;RULEID:(3005003);SRVR:DBXPR03MB382;
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:;SRVR:DBXPR03MB382;
x-forefront-prvs: 0445A82F82
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(479174004)(24454002)(199003)(377424004)(51704005)(189002)(68736005)(93886004)(64706001)(92566001)(62966003)(122556002)(40100003)(101416001)(50986999)(31966008)(2501002)(54356999)(77096005)(105586002)(15975445007)(87936001)(102836002)(2656002)(120916001)(74482002)(21056001)(46102003)(66066001)(99396003)(97736003)(19580395003)(19580405001)(106356001)(76176999)(20776003)(2900100001)(77156002)(107886001)(83506001)(36756003)(2950100001)(4396001)(86362001)(107046002); DIR:OUT; SFP:1101; SCL:1; SRVR:DBXPR03MB382; H:DBXPR03MB383.eurprd03.prod.outlook.com; FPR:; SPF:None; MLV:sfv; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: rhul.ac.uk does not designate permitted sender hosts)
Content-Type: text/plain; charset="us-ascii"
Content-ID: <3A51D54E715D0944A8A3F05779F49927@eurprd03.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: rhul.ac.uk
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Jan 2015 17:28:46.9919 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2efd699a-1922-4e69-b601-108008d28a2e
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBXPR03MB382
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/1PmEtdvAcZrWq98W39PKYs2u4YU
Subject: Re: [Cfrg] malicious DH base points [was Re: should the CFRG really strive for consensus?]
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Jan 2015 17:29:14 -0000

Hi,

On 01/01/2015 17:14, "Christoph Anton Mitterer" <calestyo@scientia.net>
wrote:

>On Thu, 2015-01-01 at 13:39 +0100, Adam Back wrote:
>> Seems like on
>> topic and to the point, not spam.
>plus: it seems kinda dangerous to me, if certain topics are more or
>less... well not forbidden, but at least "moderated to silence".

In general, I agree of course. But there was sufficient "mainstream"
activity going on on the list over the last few days that I wanted to try
to keep things a bit more focussed. T

And as Adam Langley and others have pointed out, no-one seriously believes
that the choice of base point has any security impact (a more refined
statement about this to which I can subscribe can be found at the bottom
of the safecurves page here: http://safecurves.cr.yp.to/rigid.html). Of
course, it does matter for other reasons, like compatibility with already
deployed code, but that's NOT what was being discussed in the thread.

>
>CFRG should be really open, even if this includes more wood and less
>trees,

I think you mean "more trees, less wood". The metaphor is "not being able
to see the wood for the trees", the "wood" referring to the whole
collection of trees, that is, the bigger picture. Anyway... what we want
here is lots of trees AND wood, but the right amounts and types of the two
different things at the right times. My message was about trying to keep
the balance right.

>... trust is very important and if people feel that some
>topics/questions/concerns might have been suppressed, CFRG will have the
>same problems as NIST.

Agreed. If you or anyone else reviews the list and comes to think that a
topic is important at the current time AND has received insufficient
attention on the list to date, then they are of course at liberty to post
on it. Even more so if they think something important is being
"suppressed".

Cheers,

Kenny