Re: [Cfrg] erratum for hmac what do we think...

Michael StJohns <msj@nthpermutation.com> Fri, 03 February 2017 19:49 UTC

To: cfrg@irtf.org
References: <666efaf7-b660-e20b-8a8a-8949a64e9bed@cs.tcd.ie> <52b3065b-bb20-9b2b-30da-78b09aace9cb@cs.tcd.ie>
From: Michael StJohns <msj@nthpermutation.com>
Message-ID: <f548bd9e-5aa9-9dec-a203-02bc7ef6687f@nthpermutation.com>
Date: Fri, 3 Feb 2017 14:49:14 -0500
In-Reply-To: <52b3065b-bb20-9b2b-30da-78b09aace9cb@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Ni1W3iJQDb30Y8rTnWMOS2H8NCA>
Subject: Re: [Cfrg] erratum for hmac what do we think...

On 2/3/2017 1:28 PM, Stephen Farrell wrote:
> Thanks all,
>
> My reading of that thread leads me to conclude that there's consensus
> to not verify the erratum on the basis that the threat isn't that
> significant and a backwards incompatible change as would be required is
> not justified. However, if HMAC were to be updated in a manner that
> didn't require backwards compatibility then one would likely consider
> this. Hence I've marked this as "hold for document update".

I'd like to reiterate that RFC 2104 (or substantially similar text) was
a feeder/submission for the FIPS 198-1 standard.  It's also old enough
that it doesn't have the boilerplate we've since added that would allow
for any changes/errata.  In that mode, it's similar to the original
publications of PKCS1, 7 and 12 as informational RFCs and we required a
grant of rights to be able to gain change control over them.

Instead of making changes here to a document that's been OBEd by first
being published as a FIPS (FIPS 198) and second by an update in 2008
(FIPS 198-1), let me suggest that comments should be bundled up and
addressed to that document instead.

It looks like FIPS 198 is up for review in 2018 and changes might be 
applied then.

Perhaps I'm wrong about this, but we - the IETF - do not own change 
control over every RFC.

Mike


>
> Cheers,
> S.
>
> On 02/02/17 02:24, Stephen Farrell wrote:
>> Hiya,
>>
>> There's an erratum posted for hmac [1] where I'd be
>> interested in what folks here think.
>>
>> I'm unsure if this is a real problem, esp given that
>> there are I guess a lot of implementations.
>>
>> And even if it were a real problem, I'm not sure we'd
>> want that fix.
>>
>> Opinions welcome...
>>
>> Thanks,
>> S.
>>
>> [1]
>> https://www.rfc-editor.org/errata_search.php?rfc=2104&eid=4809&rec_status=15&area_acronym=&errata_type=&wg_acronym=&submitter_name=&stream_name=&submit_date=&presentation=records
>>
>>
>>
>> _______________________________________________
>> Cfrg mailing list
>> Cfrg@irtf.org
>> https://www.irtf.org/mailman/listinfo/cfrg
>>