Re: [Cfrg] NSA sabotaging crypto standards

Nikos Mavrogiannopoulos <nmav@gnutls.org> Fri, 07 February 2014 16:12 UTC

Sender: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Message-ID: <52F505C6.5020306@gnutls.org>
Date: Fri, 07 Feb 2014 17:11:50 +0100
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20131103 Icedove/17.0.10
MIME-Version: 1.0
To: cfrg@irtf.org
References: <20140203192451.6268.76511.idtracker@ietfa.amsl.com> <75e1e853dc391b418062ee5e51adeb2f.squirrel@www.trepanning.net> <CABqy+sr7ZKrACj4Ga2_75d9Kea0aKbrp2P5fWWu4YZP53zijxw@mail.gmail.com> <CACsn0cmS152wYQWHiX8ykzaMM=6b=r=fwVuLfPj_u0wmoq0jKw@mail.gmail.com> <7BAC95F5A7E67643AAFB2C31BEE662D018B81B7F7C@SC-VEXCH2.marvell.com> <CACsn0c=a5PvZOZgVRjHaJ2avGCPHF6b6nOpNh+iT0909X-jUFA@mail.gmail.com> <52F23D52.4090509@cisco.com> <EFA9E215-3B01-43C6-A8F0-3F98E3ED2E26@netapp.com> <3E30D764-7E19-45DB-9D6D-63949F5B36CB@netapp.com> <255B9BB34FB7D647A506DC292726F6E1153AE65F2E@WSMSG3153V.srv.dir.telstra.com> <570B8BE5-1362-4D08-A22D-FE86FC4A77DC@netapp.com> <CACsn0ckm95r4x7VBrW81+f7Resf7RcS6iOBPx3yqu9m1VuELhw@mail.gmail.com> <6F8C22FA-B968-4B3C-8A8D-C24F1DFC5021@vpnc.org> <CACsn0cmFpQEBbv=3EWvUff3EnNuuiqyzjJqFR6Dy97VjLREVVg@mail.gmail.com> <c2077ef440412f1158e7bacdfc8f8db7.squirrel@www.trepanning.net> <CACsn0c=G86j-eha6CO1Wigjk8EQOeQoxS8=OX-pbgzn9BYwUUw@mail.gmail.com>
In-Reply-To: <CACsn0c=G86j-eha6CO1Wigjk8EQOeQoxS8=OX-pbgzn9BYwUUw@mail.gmail.com>
Subject: Re: [Cfrg] NSA sabotaging crypto standards

On 02/07/2014 04:59 PM, Watson Ladd wrote:

> But let's go into detail about how well the cryptographers did in TLS.
> In 1995 Phil Rogaway tells everyone to use encrypt-then-MAC.

I believe you are oversimplifying things. Indeed Rogaway suggested
encrypt-then-MAC, but other cryptographers were suggesting
MAC-then-encrypt (authenticate what is meant, not what is sent). There
was also no attack known for MAC-then-encrypt.

In general it is very easy to see the obvious solution 20 years later,
but the challenge is to properly decide at the right time.

regards,
Nikos
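
The two compositions discussed in this thread, side by side, as an added example (not code from the poster or from GnuTLS). It uses a toy stream cipher (HMAC-SHA256 run in counter mode as a PRF) so that it needs only the Python standard library; the keys, nonce, block size and the TLS-style padding rule are constructed for the demonstration and the fixed nonce is never acceptable in a real system. The MAC-then-encrypt receiver authenticates the plaintext ("what is meant") and so must decrypt and unpad before it can verify; the encrypt-then-MAC receiver authenticates the ciphertext ("what is sent") and decrypts only after verification. The probe at the end flips one bit at each position and records which error the receiver reports: the MtE receiver reports two distinguishable failures, the EtM receiver one. That observable difference is the distinction the thread is arguing about, independent of whether any concrete attack was known when the choice was made.

```python
"""Encrypt-then-MAC vs MAC-then-encrypt on a toy stream cipher (stdlib only)."""
import hmac
import hashlib

BLOCK = 16    # pretend block size so the MtE variant pads like a TLS record
TAG_LEN = 32  # HMAC-SHA256 output length

# Constructed keys and nonce, fixed so the demo is deterministic.
# A real system derives fresh keys and must never reuse a nonce.
ENC_KEY = b"\x01" * 32
MAC_KEY = b"\x02" * 32
NONCE = b"\x00" * 8


class BadPadding(Exception):
    """Padding of a decrypted record is malformed."""


class BadMAC(Exception):
    """Authentication tag does not verify."""


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Toy keystream: HMAC-SHA256(key, nonce || counter), concatenated.
    Illustration only; it stands in for a real cipher such as AES."""
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:n])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def pad(data: bytes) -> bytes:
    """TLS-style padding: padlen + 1 bytes, each equal to padlen."""
    padlen = (BLOCK - (len(data) + 1) % BLOCK) % BLOCK
    return data + bytes([padlen]) * (padlen + 1)


def unpad(data: bytes) -> bytes:
    if not data:
        raise BadPadding()
    padlen = data[-1]
    if padlen + 1 > len(data) or any(b != padlen for b in data[-(padlen + 1):]):
        raise BadPadding()
    return data[: -(padlen + 1)]


# --- MAC-then-encrypt: the tag covers the plaintext ("what is meant") -------
def mte_encrypt(pt: bytes) -> bytes:
    body = pad(pt + mac(MAC_KEY, NONCE + pt))
    return xor(body, keystream(ENC_KEY, NONCE, len(body)))


def mte_decrypt(ct: bytes) -> bytes:
    # Decryption and unpadding run on bytes that are not yet authenticated,
    # so which of them fails is visible to whoever chose the ciphertext.
    body = xor(ct, keystream(ENC_KEY, NONCE, len(ct)))
    inner = unpad(body)
    if len(inner) < TAG_LEN:
        raise BadMAC()
    pt, tag = inner[:-TAG_LEN], inner[-TAG_LEN:]
    if not hmac.compare_digest(tag, mac(MAC_KEY, NONCE + pt)):
        raise BadMAC()
    return pt


# --- Encrypt-then-MAC: the tag covers the ciphertext ("what is sent") -------
def etm_encrypt(pt: bytes) -> bytes:
    ct = xor(pt, keystream(ENC_KEY, NONCE, len(pt)))
    return ct + mac(MAC_KEY, NONCE + ct)


def etm_decrypt(msg: bytes) -> bytes:
    ct, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
    # Verify over the bytes actually received; nothing is decrypted until
    # the ciphertext is known to be authentic.
    if not hmac.compare_digest(tag, mac(MAC_KEY, NONCE + ct)):
        raise BadMAC()
    return xor(ct, keystream(ENC_KEY, NONCE, len(ct)))


def error_types_under_tampering(decrypt, msg: bytes) -> set:
    """Flip one bit at every byte position and collect the receiver's
    reaction. More than one distinct error means the receiver reveals
    which processing stage rejected the record."""
    seen = set()
    for i in range(len(msg)):
        tampered = msg[:i] + bytes([msg[i] ^ 0x01]) + msg[i + 1:]
        try:
            decrypt(tampered)
            seen.add("accepted")
        except (BadPadding, BadMAC) as exc:
            seen.add(type(exc).__name__)
    return seen


if __name__ == "__main__":
    sample = b"hello"  # constructed plaintext
    print("MtE errors:", error_types_under_tampering(mte_decrypt, mte_encrypt(sample)))
    print("EtM errors:", error_types_under_tampering(etm_decrypt, etm_encrypt(sample)))
```

With the constructed keys above, the MtE probe reports both BadPadding and BadMAC depending on which byte was touched, while the EtM probe reports only BadMAC. Collapsing the MtE errors into one message and equalising the timing is possible, but it has to be done in the decryption path, which is exactly the code EtM never exposes to unauthenticated input.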