Re: [Cfrg] Security proofs v DH backdoors

Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 02 November 2016 00:50 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Watson Ladd <watsonbladd@gmail.com>
Cc: CFRG <cfrg@irtf.org>
Date: Wed, 2 Nov 2016 00:50:47 +0000
Message-ID: <1478047842898.30730@cs.auckland.ac.nz>
In-Reply-To: <CACsn0ckbYXW9mHiQ2GbEE1NPBZM-OQd8EfVLVLMExrp3BxAMQw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/IzVaP0ehK6_Vl9YzjcX38hBKcJs>

Watson Ladd <watsonbladd@gmail.com> writes:

>I don't see any benefit, especially given the amount that gets changed by LTS
>for no reason.

Like what?  Most of it is just saying that a bunch of optional negotiated-by-
extension features that improve security should be mandatory (in other words
it's stuff that's already implemented, you just don't need to negotiate each
one piecemeal any more), and pretty much every change there is to address
things that have been security or interop issues in the past.  Another name
for it might be TLS-with-lessons-learned.

(This discussion would probably be better off-list, not sure if it's relevant
for CFRG).

Peter.
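Editor's added example (not part of the thread, and not code from the TLS-LTS draft or any TLS library): the reply above turns on the difference between security features that a client must negotiate one extension at a time and a profile that simply requires them. The block below parses the extension list of a TLS 1.2 ClientHello and reports which of a required set are absent, which is the per-connection check a server has to do under the piecemeal model. The "required" set (encrypt_then_mac, extended_master_secret, renegotiation_info) is an illustrative assumption chosen by the editor; the message does not list which extensions LTS makes mandatory. The two ClientHello messages are constructed inline so the code runs offline.

```python
import struct

# Extension code points from the IANA TLS ExtensionType registry.
EXT_NAMES = {
    0x0000: "server_name",
    0x000a: "supported_groups",
    0x000b: "ec_point_formats",
    0x000d: "signature_algorithms",
    0x0010: "application_layer_protocol_negotiation",
    0x0016: "encrypt_then_mac",          # RFC 7366
    0x0017: "extended_master_secret",    # RFC 7627
    0xff01: "renegotiation_info",        # RFC 5746
}

# ASSUMPTION for this example only: the set a strict profile would insist on.
# The thread does not enumerate which extensions TLS-LTS mandates.
REQUIRED_SECURITY_EXTS = {0x0016, 0x0017, 0xff01}


def _need(buf, off, n):
    """Bounds check shared by every field read; malformed input must not index past buf."""
    if off + n > len(buf):
        raise ValueError("truncated at offset %d, need %d bytes" % (off, n))


def parse_client_hello_extensions(msg):
    """Parse a TLS 1.2 ClientHello handshake message (RFC 5246 7.4.1.2)
    and return {extension_type: extension_data}. Raises ValueError on
    malformed input (bad lengths, duplicate extensions, wrong msg_type)."""
    _need(msg, 0, 4)
    if msg[0] != 1:                       # HandshakeType.client_hello
        raise ValueError("not a ClientHello")
    length = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + length]
    if len(body) != length:
        raise ValueError("handshake length exceeds message")

    off = 2 + 32                          # client_version + random
    _need(body, 0, off + 1)
    sid_len = body[off]; off += 1         # session_id<0..32>
    _need(body, off, sid_len); off += sid_len
    _need(body, off, 2)
    cs_len = int.from_bytes(body[off:off + 2], "big"); off += 2
    if cs_len == 0 or cs_len % 2:         # cipher_suites<2..2^16-2>, pairs of bytes
        raise ValueError("bad cipher_suites length")
    _need(body, off, cs_len); off += cs_len
    _need(body, off, 1)
    cm_len = body[off]; off += 1          # compression_methods<1..2^8-1>
    if cm_len == 0:
        raise ValueError("bad compression_methods length")
    _need(body, off, cm_len); off += cm_len

    exts = {}
    if off == len(body):                  # extensions block is optional
        return exts
    _need(body, off, 2)
    ext_len = int.from_bytes(body[off:off + 2], "big"); off += 2
    end = off + ext_len
    if end != len(body):
        raise ValueError("extensions length does not match message")
    while off < end:
        _need(body, off, 4)
        etype, elen = struct.unpack(">HH", body[off:off + 4]); off += 4
        _need(body, off, elen)
        if etype in exts:                 # RFC 5246: at most one of each type
            raise ValueError("duplicate extension 0x%04x" % etype)
        exts[etype] = body[off:off + elen]; off += elen
    return exts


def missing_security_extensions(client_hello):
    """Names of REQUIRED_SECURITY_EXTS the client did not offer, sorted."""
    offered = parse_client_hello_extensions(client_hello)
    return sorted(EXT_NAMES[t] for t in REQUIRED_SECURITY_EXTS - offered.keys())


def build_client_hello(extensions):
    """Constructed test vector: a minimal TLS 1.2 ClientHello with the given
    [(type, data), ...] extensions. The all-zero random is for the test only."""
    body = b"\x03\x03" + bytes(32)                        # version, random
    body += b"\x00"                                       # empty session_id
    body += b"\x00\x04" + b"\xc0\x2f\xc0\x2b"             # two ECDHE AES-GCM suites
    body += b"\x01\x00"                                   # compression: null only
    blob = b"".join(struct.pack(">HH", t, len(d)) + d for t, d in extensions)
    body += struct.pack(">H", len(blob)) + blob
    return b"\x01" + len(body).to_bytes(3, "big") + body


SIG_ALGS = b"\x00\x04\x04\x01\x05\x01"   # rsa_pkcs1_sha256, rsa_pkcs1_sha384

# Constructed sample messages (not captured traffic).
FULL_HELLO = build_client_hello([
    (0x0017, b""), (0x0016, b""), (0xff01, b"\x00"), (0x000d, SIG_ALGS)])
LEGACY_HELLO = build_client_hello([(0xff01, b"\x00"), (0x000d, SIG_ALGS)])

if __name__ == "__main__":
    print("full:  ", missing_security_extensions(FULL_HELLO))
    print("legacy:", missing_security_extensions(LEGACY_HELLO))
```

Under the negotiate-everything model the server has to run a check like `missing_security_extensions` on every ClientHello and decide, per feature, whether to refuse or fall back; a profile that requires the features up front reduces that to a single accept-or-reject of the profile.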