Re: [Cfrg] [secdir] ISE seeks help with some crypto drafts
Paul Wouters <paul@nohats.ca> Fri, 08 March 2019 17:52 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B93F1313FB for <cfrg@ietfa.amsl.com>; Fri, 8 Mar 2019 09:52:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8_yEBq2zoEp1 for <cfrg@ietfa.amsl.com>; Fri, 8 Mar 2019 09:52:34 -0800 (PST)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48E6C1313EC for <cfrg@irtf.org>; Fri, 8 Mar 2019 09:52:34 -0800 (PST)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 44GFSv4Tmlz3FX; Fri, 8 Mar 2019 18:52:31 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1552067551; bh=vkHYbBtHSCZRc+1fHDomfSZ+nogu/C5BTd6Or9UuxCc=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=kzTCpDwg6kq+JKG6GS/1ForAzwtiujZpGvj1SOhC+gN0ztu0OlsRaLcKnoeDByfk9 9Fxu9nTvWwtIQuxv3b8dq1PiAnqGggw41AC7zjitZFLAAana4xCKR3gvxh0nxkgnww CLKQSJjNKVXbaThFbnZXDsMjShWhmFpPzXG6P8Ms=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id fGgMdu0jpCce; Fri, 8 Mar 2019 18:52:28 +0100 (CET)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Fri, 8 Mar 2019 18:52:27 +0100 (CET)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id A18425C856; Fri, 8 Mar 2019 12:52:26 -0500 (EST)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca A18425C856
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 99A42411602B; Fri, 8 Mar 2019 12:52:26 -0500 (EST)
Date: Fri, 08 Mar 2019 12:52:26 -0500
From: Paul Wouters <paul@nohats.ca>
To: "RFC ISE (Adrian Farrel)" <rfc-ise@rfc-editor.org>
cc: cfrg@irtf.org, secdir <secdir@ietf.org>
In-Reply-To: <1d8de489fc976b63a911573300a431d4.squirrel@www.amsl.com>
Message-ID: <alpine.LRH.2.21.1903081227200.30421@bofh.nohats.ca>
References: <1d8de489fc976b63a911573300a431d4.squirrel@www.amsl.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/AWK32U7Yd0Xaxc0Lc5h__qGUKaQ>
Subject: Re: [Cfrg] [secdir] ISE seeks help with some crypto drafts
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2019 17:52:38 -0000
On Fri, 8 Mar 2019, RFC ISE (Adrian Farrel) wrote: > Hi CFRG and SecDir, > > Ted Krovetz has asked for publication of ... > > https://datatracker.ietf.org/doc/draft-krovetz-ocb-wideblock/ > ....and... > https://datatracker.ietf.org/doc/draft-krovetz-rc6-rc5-vectors/ > > ....in the Independent Stream. > > These are both currently in expired state, but available in the archive. > > At this stage I am looking to know whether anyone feels that publication > would be a bad thing: > - at this stage > - ever I have strong reservations about the ocb draft. Rogaway has patents on OCB, and has put constrains on its use and there is no generic IPR statement that the IETF normally likes to see for work published as RFC. Until such a time, I do not think publishing RFC's with OCB is advised. A few years ago I asked the TLS OCB authors about extending their allowed usage to IKE/IPsec and they told me this use was not covered by Rogaway's license to them. While this has since changed a bit, and there is no longer a specific TLS-only license, other constrains are still in place. Specifying OCB documents that cannot be implemented or deployed indiscriminatory is troublesome. Patents: http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-faq.htm#patent:phil "I license OCB under fair, reasonable, and non-discriminatory terms, with licensees paying a modest one-time fee." "I freely license OCB for most (but not all) settings." And just before that, discriminatory terms are cited for current use: "there is one license grant for open-source software; one for non-military software; and a third done just for OpenSSL." See also http://web.cs.ucdavis.edu/~rogaway/ocb/offer.htm Second, I'm not a cryptographer, but it seems OCB has recently seen some attacks that might impact the security of OCB: Cryptanalysis of OCB2 https://eprint.iacr.org/2018/1040 Breaking the confidentiality of OCB2 https://eprint.iacr.org/2018/1087 Plaintext Recovery Attack of OCB2 https://eprint.iacr.org/2018/1090 Note these publications are newer than the publication date of the draft, so it would be good to discuss this with the draft author or with CFRG to see how applicable these attacks are to the draft document. I have no specific remarks about the rc5-rc6 document. It seems useful to have test vectors, but I am not aware of any IETF protocol using RC5 or RC6, in which case it might not make sense for the IETF to publish these test vectors and another standards body might be more appropriate. Paul
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Peter Gutmann
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Dan Harkins
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Andy Lutomirski
- [Cfrg] ISE seeks help with some crypto drafts RFC ISE (Adrian Farrel)
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Wouters
- Re: [Cfrg] ISE seeks help with some crypto drafts Salz, Rich
- Re: [Cfrg] ISE seeks help with some crypto drafts David Wong
- Re: [Cfrg] ISE seeks help with some crypto drafts D. J. Bernstein
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Stephen Farrell
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Dan Brown
- Re: [Cfrg] ISE seeks help with some crypto drafts John Mattsson
- Re: [Cfrg] ISE seeks help with some crypto drafts Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts mcgrew
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Ted Krovetz
- Re: [Cfrg] ISE seeks help with some crypto drafts Paul Hoffman
- Re: [Cfrg] ISE seeks help with some crypto drafts Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Wouters
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Watson Ladd
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Wouters
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Hoffman
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… S Moonesamy
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Uri Blumenthal
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Ted Krovetz
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Uri Blumenthal
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Stephen Farrell
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- [Cfrg] Time to recharter CFRG as a working group?… StJohns, Michael
- Re: [Cfrg] Time to recharter CFRG as a working gr… Tony Arcieri
- Re: [Cfrg] Time to recharter CFRG as a working gr… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts Peter Gutmann
- Re: [Cfrg] ISE seeks help with some crypto drafts Salz, Rich
- Re: [Cfrg] ISE seeks help with some crypto drafts Salz, Rich
- Re: [Cfrg] Time to recharter CFRG as a working gr… John Mattsson
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Valery Smyslov
- Re: [Cfrg] Time to recharter CFRG as a working gr… Mathy Vanhoef
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Peter Gutmann
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… Richard Barnes
- Re: [Cfrg] Time to recharter CFRG as a working gr… Salz, Rich
- Re: [Cfrg] Time to recharter CFRG as a working gr… Stephen Farrell
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… denis bider
- Re: [Cfrg] Time to recharter CFRG as a working gr… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] Time to recharter CFRG as a working gr… Richard Barnes
- Re: [Cfrg] Time to recharter CFRG as a working gr… Daniel Kahn Gillmor
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… Paterson Kenneth
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Paul Wouters
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Tony Arcieri
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Tony Arcieri
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Paterson Kenneth
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… denis bider
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Watson Ladd
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Melinda Shore
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… denis bider
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Martin Thomson
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Peter Gutmann
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Melinda Shore
- Re: [Cfrg] Time to recharter CFRG as a working gr… mcgrew
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Donald Eastlake
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… mcgrew
- Re: [Cfrg] Time to recharter CFRG as a working gr… StJohns, Michael
- Re: [Cfrg] Time to recharter CFRG as a working gr… Stephen Farrell
- Re: [Cfrg] Time to recharter CFRG as a working gr… Martin Thomson
- [Cfrg] dragonfly, was: Re: Time to recharter CFRG… Dan Harkins
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Tony Arcieri
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Björn Haase
- Re: [Cfrg] ISE seeks help with some crypto drafts Eric Rescorla
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts Eric Rescorla
- Re: [Cfrg] ISE seeks help with some crypto drafts mcgrew
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts mcgrew
- Re: [Cfrg] ISE seeks help with some crypto drafts Ted Krovetz
- Re: [Cfrg] ISE seeks help with some crypto drafts Benjamin Kaduk