Re: [Cfrg] TLS PRF security proof?

Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 09 July 2014 05:58 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/7P5PgX6gb21ivhLqK-s13oo_lVo

Dan Brown <dbrown@certicom.com> writes:

>Would it be useful if CFRG were to publish a recommended PRF?

Already done, just use HKDF, RFC 5869.  The problem isn't publishing it, it's
getting it adopted, so far each and every standards group has seen fit to
invent their own incompatible PRF/KDF, and I'm not sure what size gun you'd
need to hold to everyone's head to get them to agree to standardise on HKDF
(or anything else for that matter).

Peter.