Re: [Cfrg] tcpinc: endpoint authentication and session ID privacy

Kyle Rose <krose@krose.org> Sat, 01 October 2016 16:31 UTC

Return-Path: <krose@krose.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A22BB12B0CB for <cfrg@ietfa.amsl.com>; Sat, 1 Oct 2016 09:31:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.8
X-Spam-Level:
X-Spam-Status: No, score=-0.8 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=krose.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6WHWeLABrOE6 for <cfrg@ietfa.amsl.com>; Sat, 1 Oct 2016 09:31:32 -0700 (PDT)
Received: from mail-qk0-x232.google.com (mail-qk0-x232.google.com [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 87FF112B08E for <cfrg@irtf.org>; Sat, 1 Oct 2016 09:31:32 -0700 (PDT)
Received: by mail-qk0-x232.google.com with SMTP id j129so124794158qkd.1 for <cfrg@irtf.org>; Sat, 01 Oct 2016 09:31:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=krose.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=EVMF1F6OMXpwriaK0xG4sBhIl8290GXcI3G6aNy8sVA=; b=N0mq4ohqprVf8VeMA6pXMBMWFcQ3YAA60ajB5Cudotok6bJI+BdvhXyBBF+x2PCqPg Tp0ffJ+PrYeSFCff8kOOo1EaRh7MG2R62xapoGty/lhy9hUoIn/b+vWoDIwMkiWXfM83 Hb21DUlsYVpCREnymrN/2hFtQj5CALs+2mnw8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=EVMF1F6OMXpwriaK0xG4sBhIl8290GXcI3G6aNy8sVA=; b=SCJDMTjaaB51kgr+SkhiTgBQCGHT0dBdFlcuvhrLcB9u+U0lJHNY3c0h4D5mIqK4y0 9pgTCfR1t0QYR/EerdQU/1AKkAQgDSNwMHG0P9S61lejcm1Kn8uOwRiz4SX5lweUQ8mI RPfI35af3emD1ICR3DN3/d2QJ3IhSHWmFhLiht3xHQ8k63JUXi1idpxzzmZzLrJjuR6n 9F29EC0qrHK4V/kKmIMFb/QA7aPKMV2kYfgS06oduW0h12FeywfuK6YhBgxuUqI5/yRp fvHmq3ANC4j755GGE+3NbtKJbigcEvsK05zs7DDKV27o5IZ8cx5mOeXsprd8zyF9qZ7b vqVw==
X-Gm-Message-State: AA6/9RkOK6e+0R32JP+B2DD+U6PhRKjgELJyKzHVIS1/ZkIw9OQs3u7TocHDsatSYJxGTQW326ihusCgnUxR0Q==
X-Received: by 10.55.143.130 with SMTP id r124mr13229468qkd.100.1475339491597; Sat, 01 Oct 2016 09:31:31 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.55.217.8 with HTTP; Sat, 1 Oct 2016 09:31:31 -0700 (PDT)
X-Originating-IP: [2607:fb90:ade:257d:3dde:bc4c:b85d:c7b4]
Received: by 10.55.217.8 with HTTP; Sat, 1 Oct 2016 09:31:31 -0700 (PDT)
In-Reply-To: <a78ce42cf3504cbbb35735b0f45bc43b@usma1ex-dag1mb1.msg.corp.akamai.com>
References: <CAJU8_nXtwpe1_8UpKtKnG3fmpMWuMW7Zcj6SzPAnZ9jmJi9T2g@mail.gmail.com> <a78ce42cf3504cbbb35735b0f45bc43b@usma1ex-dag1mb1.msg.corp.akamai.com>
From: Kyle Rose <krose@krose.org>
Date: Sat, 1 Oct 2016 12:31:31 -0400
Message-ID: <CAJU8_nXXTVYCu+wt5QJ1RZiuqzparFwvQ33J55E-SaLhuZ6GoQ@mail.gmail.com>
To: Rich Salz <rsalz@akamai.com>
Content-Type: multipart/alternative; boundary=94eb2c0834045210df053dd03eef
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/N1MUc3rANSUcFxSvTfs6k5gpUXI>
Cc: tcpinc-chairs@ietf.org, cfrg@irtf.org
Subject: Re: [Cfrg] tcpinc: endpoint authentication and session ID privacy
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Oct 2016 16:31:34 -0000

On Oct 1, 2016 11:48 AM, "Salz, Rich" <rsalz@akamai.com> wrote:
>
>
> > The authors claim (and I am inclined to agree, though I am not a
cryptographer) that these session IDs do not in general need to be private
>
>
> Is correlation possible, such as when I move from my NATted home to
work?  (Yes, this is a basic/naïve question, sorry.)

No: a session ID is to be used on one connection only, with a key
derivation algorithm used by both hosts on secret IKM to derive future IDs
for session caching/reuse. See sections 3.3-3.4 of the tcpcrypt draft for
more information on how these identifiers are derived.

Kyle