Re: [Cfrg] RFC 5742 conflict review for draft-dolmatov-kuznyechik

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Tue, 02 February 2016 21:59 UTC

>>Likewise, I’d expect an informational RFC describing Kalyna (Ukrainian
>> contest winner), which looks somewhat more appealing.
>
>I see a problem with publishing descriptions of national ciphers without
>guidance on suitable use and relevant applicability statements.

The only guidance I see is: if you need "it" or are required to use "it" -
do so, but be aware that people outside of your policy domain may not
interoperate with you using “it” because they may not have “it”
implemented. Implementing “it” is not required to be <whatever
protocol>-compliant.

Do you envision some other kind of guidance?

P.S. I wouldn’t expect US government to use anything but AES, and I
wouldn’t expect Ukrainian government to use anything but Kalyna. As for US
businesses communicating to Ukrainian businesses - off-hand it’s a toss
security-wise, either one would do.

P.P.S. Quality-wise - on the first look Kalyna looks better than AES,
while Kuznechik doesn’t.