Re: [Cfrg] XMSS and https://ia.cr/2017/938

"A. Huelsing" <ietf@huelsing.net> Fri, 27 April 2018 20:06 UTC

To: cfrg@irtf.org
From: "A. Huelsing" <ietf@huelsing.net>
Date: Fri, 27 Apr 2018 22:06:31 +0200
Message-ID: <b53be467-e5ce-86bb-c22a-74ffdb0896d5@huelsing.net>
In-Reply-To: <810C31990B57ED40B2062BA10D43FBF501C5B3EB@XMB116CNC.rim.net>
References: <810C31990B57ED40B2062BA10D43FBF501C5B39E@XMB116CNC.rim.net> <CALwqbuwaTxd9JQBMSOWNj0rK_CU3-=mYq+f1k0t1aNXQ8H7FrA@mail.gmail.com> <810C31990B57ED40B2062BA10D43FBF501C5B3EB@XMB116CNC.rim.net>
Subject: Re: [Cfrg] XMSS and https://ia.cr/2017/938
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/NnjxWqGKQjLJ7NMRQUYWCdHMMrw>

Dear Dan,

Thanks for finding the time to eventually look at our draft, which was
discussed on the list several times. It is currently at the RFC Editor and, we are
sorry, but we will not touch it anymore to add references; that time has passed.

Thanks,

Andreas

On 27-04-18 at 17:43, Dan Brown wrote:
>
> Hi Philip,
>
> Thanks …
>
> You’re too kind about my question being good: I see now that the concluding
> remarks of your paper already said that the XMSS Internet Draft was not
> affected. Earlier parts of your paper talked about XMSS when instantiated with
> WOTS-PRF – I had focused on these without catching that the ID version of XMSS
> does not use WOTS-PRF …
>
> It was my mistake to miss both details – so the question was not so good after
> all.
>
> Still, I wonder if a reference to your paper in the Internet Draft would be
> helpful, to at least repeat that it does not apply.
>
> Dan
>
> *From:* Philip Lafrance [mailto:philip.lafrance92@gmail.com]
> *Sent:* Friday, April 27, 2018 11:29 AM
> *To:* Dan Brown <danibrown@blackberry.com>
> *Cc:* cfrg@irtf.org
> *Subject:* Re: [Cfrg] XMSS and https://ia.cr/2017/938
>
> Hello Dan,
>
> (I'm not a member of the XMSS team, but felt qualified to answer.)
>
> The answer to your question is not at all. Our paper only discussed the
> security of WOTS-PRF and this has no bearing on the security of other
> Winternitz constructions. In particular I should say that the WOTS+ scheme
> remains secure. 
>
> Good question though! And thanks for asking :)
>
> Warm regards, 
>
> Philip Lafrance 
>
> On Fri, Apr 27, 2018, 11:24 AM Dan Brown, <danibrown@blackberry.com
> <mailto:danibrown@blackberry.com>> wrote:
>
>     Hi XMSS team,
>
>     Lafrance and Menezes https://ia.cr/2017/938 describe a flaw in a security
>     analysis and correction to the security estimates for WOTS-PRF and to
>     XMSS.  I am rather new to this area, so I naively ask:
>
>     Are the Lafrance—Menezes results applicable to (and addressed by) the
>     current draft of XMSS?
>
>     Best regards,
>
>     Dan Brown
>     Standards Manager
>     Office: +1 (289) 261-4157
>     Mobile: +1 (416) 276-1736
>     danibrown@blackberry.com <mailto:danibrown@blackberry.com>
>
>
>     BlackBerry <http://www.blackberry.com/>
>
>     _______________________________________________
>     Cfrg mailing list
>     Cfrg@irtf.org <mailto:Cfrg@irtf.org>
>     https://www.irtf.org/mailman/listinfo/cfrg
>