Re: [Cfrg] how can CFRG improve cryptography in the Internet?
Paul Lambert <paul@marvell.com> Thu, 13 February 2014 00:19 UTC
Return-Path: <paul@marvell.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD5B51A000A for <cfrg@ietfa.amsl.com>; Wed, 12 Feb 2014 16:19:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.567
X-Spam-Level:
X-Spam-Status: No, score=-1.567 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kOPN7goqJDNX for <cfrg@ietfa.amsl.com>; Wed, 12 Feb 2014 16:19:51 -0800 (PST)
Received: from mx0a-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by ietfa.amsl.com (Postfix) with ESMTP id 8CE1D1A004C for <cfrg@irtf.org>; Wed, 12 Feb 2014 16:19:49 -0800 (PST)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.14.5/8.14.5) with SMTP id s1D0JGtP005779; Wed, 12 Feb 2014 16:19:16 -0800
Received: from sc-owa04.marvell.com ([199.233.58.150]) by mx0a-0016f401.pphosted.com with ESMTP id 1j05edkyt7-10 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Wed, 12 Feb 2014 16:19:16 -0800
Received: from SC-vEXCH2.marvell.com ([10.93.76.134]) by SC-OWA04.marvell.com ([fe80::e56e:83a7:9eef:b5a1%16]) with mapi; Wed, 12 Feb 2014 16:19:16 -0800
From: Paul Lambert <paul@marvell.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, David McGrew <mcgrew@cisco.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Wed, 12 Feb 2014 16:19:24 -0800
Thread-Topic: [Cfrg] how can CFRG improve cryptography in the Internet?
Thread-Index: Ac8oUTq+ORmvy5QVS5CNuFxyP6uz4A==
Message-ID: <CF214B68.2F33F%paul@marvell.com>
References: <CACsn0ckOL8xdp5z7DdB9wyHhFpax0DhVXjsUMuGj39HgKk4YBA@mail.gmail.com> <52f50c59.aa1b8c0a.77c0.4985SMTPIN_ADDED_MISSING@mx.google.com> <CACsn0cnYkDwyAdwdf0+-JtksWu4NhKPr3L2emG2b3kFDe5v6hg@mail.gmail.com> <52F52E2D.8090104@cisco.com> <52F55236.1070800@gmx.net> <52F925FD.4030204@cisco.com> <52F93DA4.1090403@cs.tcd.ie> <52FA4CEB.50402@cisco.com> <52FBB0D2.20208@gmx.net>
In-Reply-To: <52FBB0D2.20208@gmx.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.3.9.131030
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.87, 1.0.14, 0.0.0000 definitions=2014-02-12_06:2014-02-12, 2014-02-12, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1402120170
Cc: "cfrg@irtf.org" <cfrg@irtf.org>, "nmav@gnutls.org" <nmav@gnutls.org>
Subject: Re: [Cfrg] how can CFRG improve cryptography in the Internet?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Feb 2014 00:19:53 -0000
On 2/12/14, 9:35 AM, "Hannes Tschofenig" <hannes.tschofenig@gmx.net> wrote: >Hi David, > >there are really no crypto issues with RADIUS and Diameter. ?? Perhaps because they have no crypto. The RADIUS/Diameter AAA architecture is flawed by the inclusion of so many options that insecure deployments are common. > >The issue is that vendors don't implement the security protocols >mandated in our RFCs and, if they are implemented, operators don't turn >them on because they rely on "physical security". Yes. Our guidelines here are poor. TLS or IPsec are specified and even when used typically leave gaps due to ³physical security" > >On top of that we don't have a incomplete toolbox; there is no e2e >security solution standardized for RADIUS/Diameter. Would this be a work item? > >The consequence is that highly sensitive transaction data flies around >in the clear or, if it is protected, then all intermediaries see it. > >I organized a few Diameter interops several years ago and the biggest >problem we had was with security. Very few implementations implemented >TLS and it took us a day at each event to configure the certificates >since every implementation had their own management interface which >nobody knew how to use. Once we got past that point we found out that >none of the implementations were actually checking the certificates >anyway. Yes! A fundamental problem - X.509 :-) Al > >A couple of years have passed since that time and I really hope that the >situation is better now. At least there is FreeDiameter... > >Ciao >Hannes > >On 02/11/2014 04:16 PM, David McGrew wrote: >> Hi Stephen, >> >> On 02/10/2014 03:59 PM, Stephen Farrell wrote: >>> I think adding energy and appropriate tasking to CFRG is a fine >>> idea, but this bit is a bit of a potential rathole... >>> >>> On 02/10/2014 07:18 PM, David McGrew wrote: >>>> Surely we don't need new crypto mechanisms to solve the problems with >>>> RADIUS, but analyzing and documenting security issues and helping to >>>> socialize them with the IETF and the user base are all in charter and >>>> are worth doing. >>> I'm not clear on this. I don't think there are non-obvious >>> crypto issues with RADIUS or Diameter that CFRG can tackle >>> to be honest. Or maybe I'm not missing something? >>> >>> I don't think CFRG should be collectively "documenting security >>> issues" generally, if those that are not cryptographic. Reason >>> being that that'd likely generate more heat than light and would >>> overlap with secdir and IETF WGs too much probably. >> >> I was being too vague, sorry. By "documenting security issues" I had in >> mind those cases in which some sort of cryptanalysis needs to be brought >> to bear in order to show that, yes, there is an actual attack that can >> be performed. Sometimes some applied cryptanalysis needs to be done to >> make the point that some existing algorithm or parameter choice is no >> longer appropriate (or perhaps was never a good idea). The >> standards-oriented people in CFRG could probably identify some >> low-hanging fruit that the cryptanalysis-oriented people would enjoy >> breaking. >> >> Definitely we need to avoid the overlap that you mention. >> >> David >> >>> >>> I could maybe see re-chartering to include theorem-prover style >>> analyses or results in CFRG's charter, but I interpret the above >>> differently. >>> >>> If some CFRG folk are interested in e.g. RADIUS security, >>> then they are just as free as anyone to send mail to the >>> DIME list. >>> >>> Cheers, >>> S. >>> >>> >>> . >>> >> >
- [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-03.t… internet-drafts
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… David McGrew
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… David McGrew
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Paul Lambert
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Yoav Nir
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Mike Hamburg
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Robert Ransom
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] 2^40. I can't exhibit it, but it exist… Paul Lambert
- Re: [Cfrg] 2^40. I can't exhibit it, but it exist… Michael Hamburg
- Re: [Cfrg] 2^40. I can't exhibit it, but it exist… Watson Ladd
- [Cfrg] publishing dragonfly (was: Re: 2^40. I can… David McGrew
- Re: [Cfrg] publishing dragonfly (was: Re: 2^40. I… Eggert, Lars
- Re: [Cfrg] publishing dragonfly (was: Re: 2^40. I… Manger, James
- Re: [Cfrg] publishing dragonfly (was: Re: 2^40. I… Eggert, Lars
- [Cfrg] NSA sabotaging crypto standards Manger, James
- Re: [Cfrg] NSA sabotaging crypto standards Alexandre Anzala-Yamajako
- Re: [Cfrg] how can CFRG improve cryptography in t… Rob Stradling
- Re: [Cfrg] NSA sabotaging crypto standards Eggert, Lars
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] NSA sabotaging crypto standards Paul Hoffman
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] NSA sabotaging crypto standards Paul Hoffman
- Re: [Cfrg] NSA sabotaging crypto standards David McGrew
- Re: [Cfrg] NSA sabotaging crypto standards Dan Harkins
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew
- Re: [Cfrg] NSA sabotaging crypto standards Nikos Mavrogiannopoulos
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] NSA sabotaging crypto standards Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- [Cfrg] how can CFRG improve cryptography in the I… David McGrew
- Re: [Cfrg] how can CFRG improve cryptography in t… Daniel Kahn Gillmor
- Re: [Cfrg] NSA sabotaging crypto standards Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… Rene Struik
- Re: [Cfrg] how can CFRG improve cryptography in t… Stephen Farrell
- Re: [Cfrg] how can CFRG improve cryptography in t… dan
- Re: [Cfrg] how can CFRG improve cryptography in t… Watson Ladd
- Re: [Cfrg] how can CFRG improve cryptography in t… Daniel Kahn Gillmor
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew
- Re: [Cfrg] how can CFRG improve cryptography in t… Stephen Farrell
- Re: [Cfrg] how can CFRG improve cryptography in t… Tom Ritter
- Re: [Cfrg] how can CFRG improve cryptography in t… Igoe, Kevin M.
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew
- Re: [Cfrg] how can CFRG improve cryptography in t… Paul Lambert
- Re: [Cfrg] how can CFRG improve cryptography in t… Watson Ladd
- Re: [Cfrg] how can CFRG improve cryptography in t… Rene Struik
- Re: [Cfrg] how can CFRG improve cryptography in t… Geoffrey Waters
- Re: [Cfrg] how can CFRG improve cryptography in t… S Moonesamy
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew