Re: [Cfrg] Dynamic Key Changes on Encrypted Sessions.

"Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> Fri, 27 October 2017 09:22 UTC

From: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
To: Peter Alexander <pipnflinx@gmail.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/GAPJyNuuWvIHNedCkrHZmxjF-ko>

Dear Peter,

Thanks for bringing this to the list.

You might find this ID interesting to look at in the context of your work:

https://tools.ietf.org/html/draft-irtf-cfrg-re-keying-08


Regards

Kenny 

On 26/10/2017 19:06, "Cfrg on behalf of Peter Alexander"
<cfrg-bounces@irtf.org on behalf of pipnflinx@gmail.com> wrote:

>Greetings everyone,
>
>
>I have tried sending this message before but it was getting blocked. So I
>am trying again :)
>
>
>Eliot Lear from the SAGG mailing list pointed me in your direction. Have
>been meaning to post but got busy.
>
>
>
>
>
>Briefly;
>
>
>I co-invented a VPN-like method for securing transmissions where
>encryption keys could be changed without having to tear down and rebuild
>the entire session. At the time we also tried to patent the technology
>but essentially ran out of funding. The organization has since dissolved.
>This was back in 2010. Given that the invention always sparked interest,
>but has never truly gone anywhere, I would like to begin the process of
>opening it up to a wider audience.
>
>
>What follows are a few of the high-level design elements which we thought
>were unique to the art.
>
>
>- Dynamic key changes during encrypted sessions (no need to restart)
>- Initial key exchange agnostic. Ex: Possible to use IPSec/DH exchange to
>build initial tunnel
>- Packets containing keys are obfuscated using up to three methods
>- Can also utilize locally stored key arrays. Sending index of key
>instead of key itself.
>
>
>We were able to come up with working code (Linux 2.6 kernel & Android
>Gingerbread), which I can share once I remove the proprietary crypto
>libraries. I also have all of the documentation/presentation slides that
>I authored at the time.
>
>
>Kindly let me know if this is something worth moving forward with. I am
>open to discussion/criticism as needed.
>
>
>Cheers!
>