Re: [Cfrg] FIPS or equivalent approvals
David Jacobson <dmjacobson@sbcglobal.net> Thu, 31 July 2014 03:54 UTC
Return-Path: <dmjacobson@sbcglobal.net>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD08E1A00AD for <cfrg@ietfa.amsl.com>; Wed, 30 Jul 2014 20:54:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BVv8zWkYWal5 for <cfrg@ietfa.amsl.com>; Wed, 30 Jul 2014 20:54:46 -0700 (PDT)
Received: from nm3-vm5.access.bullet.mail.gq1.yahoo.com (nm3-vm5.access.bullet.mail.gq1.yahoo.com [216.39.63.121]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3BF41A0097 for <cfrg@irtf.org>; Wed, 30 Jul 2014 20:54:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sbcglobal.net; s=s2048; t=1406778886; bh=1fjyNVVSnH2Y/T+yEZDKCeMSDb45W9gfVUQN3Mysc2s=; h=Received:Received:Received:DKIM-Signature:X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=PAvt1dYyrcdDXH+fYDAJgP2tjfKsUbHPqgIUnTC5FA6twCILqN2Dy9kW397CqBMxg6xV4LLp2EiLCJSKbt8mf5Uzi8xSMhqY48+bxfhM08ty5pDnxxvNwYxxOSDzXgx92+FqpuJQwWdWi+YPZb7AvWtLW/jjFuvatpbXVcBlSZGd0oNuOirVhvdoahhrIXwWpnerONgUQrG9tW4MPewLfY1c0yQqaOUM+qOYMAJ7RB+1oIJn+i6KvmKbBU1OICVDq4ncz+Szcc7VV2Jb++v9EEcL03oYHNJf3gm1wTqX7ap8G0zpQ/JagGH5/MdGMQotK/16ymueRfXeT1Hu67m8QQ==
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s2048; d=sbcglobal.net; b=DmJYLsiN0NvAqqYhiN4w4dlkeO6n2xDymlw63+vqwLgG3QbYHW2QUG+Xp/nuxY9levQOxyPWMebMwBgsmfZAvaTAutxN4NyOf8gAIM6wqcbHRm9EYBFEBVyG4p64Kgh5XzqzvAdy5vLYPfhtodmLTKN6qpuGzITfGLJCSjaBhXsWXImnIkaKS5rHMTXMBU4aioeg8DGKglSh+uGHvkLu0g82Zi6XahpnoY1lQbuFkohGoiO9iulm7NNUZk7V7KJqB4a1BeT9ZT6eD/osoYotsxk4dAsIziiXfdMINSqeVFGTDdu/jM+0e4JMRwmtN6cd6Fj/sjjpiT/fZdxczcyzng==;
Received: from [216.39.60.169] by nm3.access.bullet.mail.gq1.yahoo.com with NNFMP; 31 Jul 2014 03:54:46 -0000
Received: from [67.195.22.116] by tm5.access.bullet.mail.gq1.yahoo.com with NNFMP; 31 Jul 2014 03:54:46 -0000
Received: from [127.0.0.1] by smtp111.sbc.mail.gq1.yahoo.com with NNFMP; 31 Jul 2014 03:54:46 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sbcglobal.net; s=s1024; t=1406778886; bh=1fjyNVVSnH2Y/T+yEZDKCeMSDb45W9gfVUQN3Mysc2s=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=r0p8mF/9oF8tHav5c/Q9zxFn1XNW4gdencf+kgemWDQPtNh2O3AaEvsDNtr6ZjRIQ/MCh7mM0n6l+G2f+qR2kyqbVrzMqcrlQazjo1Nt4umJW0ra94gpr6s+HNw2OIiNLjux82Uxd/d+6K2/h2AxX5GvVZR3WkoQjJ3so92kpXE=
X-Yahoo-Newman-Id: 383924.68383.bm@smtp111.sbc.mail.gq1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: 1qVGIfcVM1laRljrasGGCPW8KAHgdrnl8ig5nirOb00txpB y7LJroyrBkgeI5zSnmWXqaS48Y2cWaXiF80VXGFPO0Zh3JugLQ5xFVRIPo7Y 6odPfYxcdtybfcvC7JVJz0ZhDudoN0fZe_fDQu7XsONwBQoxVP2PsvA_I1kT pOptu7pJBO6fRQf3Wm5.cW0mX1QqPzLERAHcncy7uiVxX.KYoQ5qNXNYUkvQ _yWUoSlMPTM_tN2S2crq3Y9.EOdjBvvsccDk6eKSCzx7rbDeeQWZtT.i571W qIOAJ2JMaxqasgeYdAtakrs1g29ionRQE4sGDBaT41aGWFn1I4v7mnCElqyX 2xFnA7e_0RUUaL8NPpGa3x7ayTo9FnbqGZRR5.IFx0BLJ3zKTZZcWPRlGgl3 ZFEiMIe.6j290giGHLj1r7taeQFG8L4XgUkjzdKEEh01BjccyirNygrE9eBw 5Z6byym44sifTpRsq97lbu6VjNOrGpLbiszoxdsi543d3tUQOar5EB8mqjKH _KBNF8Rc9vgCYEak0EbTm1XjDR8zj2OF93BVPtneJr2XXN5blfS0fK_gQfHK KmOXROLywzJQayLmj.jqY8aK7gQa_xuGkS5NNh1YjFBrSu_M8
X-Yahoo-SMTP: nOrmCa6swBAE50FabWnlVFUpgFVJ9Gbi__8U5mpvhtQq7tTV1g--
Message-ID: <53D9BE05.6080806@sbcglobal.net>
Date: Wed, 30 Jul 2014 20:54:45 -0700
From: David Jacobson <dmjacobson@sbcglobal.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: "Salz, Rich" <rsalz@akamai.com>, Alyssa Rowan <akr@akr.io>, "cfrg@irtf.org" <cfrg@irtf.org>
References: <CAMm+LwhYWfP30=rdYQoVZ=Ns8dCn2HdjKLLPCP7Yw540eifvOg@mail.gmail.com> <53D7E119.7040209@akr.io> <2A0EFB9C05D0164E98F19BB0AF3708C718599EDC92@USMBX1.msg.corp.akamai.com>
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C718599EDC92@USMBX1.msg.corp.akamai.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/YRvdnfO9nAKwUSBjEI3Xvl2PZMQ
Subject: Re: [Cfrg] FIPS or equivalent approvals
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Jul 2014 03:54:48 -0000
On 7/29/14 11:43 AM, Salz, Rich wrote: >> I feel a HSM/smartcard/token design actually worthy of >> third-party trust would need: > Check out http://cryptech.is > > -- > Principal Security Engineer > Akamai Technologies, Cambridge MA > IM: rsalz@jabber.me Twitter: RichSalz > In a past life, I worked on the design of an HSM that was used by lots of banks. (FIPS 140-2 level 3) It was basically just an ARM processor and a crypto accelerator in a module coated with hard opaque epoxy. There is no reason that the firmware couldn't be modified to do Curve 25519. Of course, it would be slower, since it wouldn't get any benefit from the crypto accelerator, and you couldn't put it in FIPS mode with that curve enabled (not a "FIPS approved algorithm"). --David Jacobson
- [Cfrg] FIPS or equivalent approvals Phillip Hallam-Baker
- Re: [Cfrg] FIPS or equivalent approvals Paul Hoffman
- Re: [Cfrg] FIPS or equivalent approvals Salz, Rich
- Re: [Cfrg] FIPS or equivalent approvals Robert Moskowitz
- Re: [Cfrg] FIPS or equivalent approvals Alyssa Rowan
- Re: [Cfrg] FIPS or equivalent approvals Phillip Hallam-Baker
- Re: [Cfrg] FIPS or equivalent approvals Phillip Hallam-Baker
- Re: [Cfrg] FIPS or equivalent approvals Salz, Rich
- Re: [Cfrg] FIPS or equivalent approvals David Jacobson
- Re: [Cfrg] FIPS or equivalent approvals David Jacobson
- Re: [Cfrg] FIPS or equivalent approvals Randy Bush