Re: [Cfrg] [MASSMAIL]Re: RGLC on draft-irtf-cfrg-xmss-hash-based-signatures-03.txt

"Grigory Marshalko" <marshalko_gb@tc26.ru> Tue, 22 March 2016 19:09 UTC

To: "A. Huelsing" <ietf@huelsing.net>, Russ Housley <housley@vigilsec.com>, Gilles Van Assche <gilles.vanassche@st.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/3eiXD51ze9pNzGr5IJqyYqzY3Q8>
Cc: cfrg@irtf.org

I think a good approach for the first step is to use hash/block cipher algos that are already described in informational RFCs: as for hashes, say, SHA-2 family, Blake2, Streebog etc. It is rather convenient, since implementors could have a reasonable choice from the beginning and all descriptions could be found at the same place, written in the same manner. 
Regards,
Grigory Marshalko,
expert,
Technical committee for standardisation "Cryptography and security mechanisms" (TC 26)
www.tc26.ru


On 21 March 2016, 13:42, "A. Huelsing" <ietf@huelsing.net> wrote:
> Our reasoning behind choosing SHA2 for the first parameter sets was
> based on the availability of implementations in the field.
> However, this selection is not exclusive! We even describe in the
> document what has to be done to define parameter sets
> based on other hash functions / block ciphers.
> 
> I think it is a question for cfrg if we want to include parameters based
> on different hash functions in this state. I guess we can easily
> include SHA3 parameters as optional if someone provides us with a
> section describing how the different function families are instantiated
> using SHA3.
> 
> Andreas
> 
> On 03/18/16 19:19, Russ Housley wrote:
> 
>> The SHA-2 family of hash functions and the SHA-3 family of hash functions have the same security.
>> They do not have the same performance in many computing environments, so I do not think it is
>> appropriate to exclusively require the SHA-3 family of hash functions.
>> 
>> Russ
>> 
>> On Mar 18, 2016, at 12:36 PM, Gilles Van Assche wrote:
>> 
>>> Dear all,
>>> 
>>> As obvious as it may sound from a co-designer of Keccak, I nevertheless
>>> think that the proposed scheme should also support FIPS 202 instances.
>>> 
>>> The same comment goes for draft-mcgrew-hash-sigs and, in general, new
>>> proposals from the CFRG. Modern schemes should use modern hash standards.
>>> 
>>> Kind regards,
>>> Gilles
>>> 
>>> On 16/03/16 20:45, Alexey Melnikov wrote:
>>>> This message starts 4 weeks RGLC on
>>>> draft-irtf-cfrg-xmss-hash-based-signatures-03.txt (XMSS: Extended
>>>> Hash-Based Signatures) which will end on April 13th. Please let chairs
>>>> know if you think the document is ready for IRSG review (and publication
>>>> as an RFC) or if you find any issues with it.
>>>> 
>>>> Best Regards,
>>>> Kenny and Alexey
>> 
>> _______________________________________________
>> Cfrg mailing list
>> Cfrg@irtf.org
>> https://www.irtf.org/mailman/listinfo/cfrg
> 