Re: [Cfrg] TLS PRF security proof?
"Dan Harkins" <dharkins@lounge.org> Tue, 08 July 2014 22:12 UTC
Return-Path: <dharkins@lounge.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 768511A015B for <cfrg@ietfa.amsl.com>; Tue, 8 Jul 2014 15:12:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.867
X-Spam-Level:
X-Spam-Status: No, score=-3.867 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aUDho4_wvT1n for <cfrg@ietfa.amsl.com>; Tue, 8 Jul 2014 15:12:23 -0700 (PDT)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by ietfa.amsl.com (Postfix) with ESMTP id 4C8C61A014F for <cfrg@irtf.org>; Tue, 8 Jul 2014 15:12:23 -0700 (PDT)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id BC4A910224008; Tue, 8 Jul 2014 15:12:22 -0700 (PDT)
Received: from 69.12.173.8 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Tue, 8 Jul 2014 15:12:22 -0700 (PDT)
Message-ID: <b2b7a90843f86ec8828beec30560f3b8.squirrel@www.trepanning.net>
In-Reply-To: <CALCETrVekyPJeUdEReZ8L8zqrP5UOgHR4+MkYtNt2FFFdmMVew@mail.gmail.com>
References: <810C31990B57ED40B2062BA10D43FBF5CB648D@XMB116CNC.rim.net> <CALCETrVekyPJeUdEReZ8L8zqrP5UOgHR4+MkYtNt2FFFdmMVew@mail.gmail.com>
Date: Tue, 08 Jul 2014 15:12:22 -0700
From: Dan Harkins <dharkins@lounge.org>
To: Andy Lutomirski <luto@amacapital.net>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/YV6aJJkr9bG5-qZ8uZNCQA9MkVI
Cc: Dan Brown <dbrown@certicom.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] TLS PRF security proof?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jul 2014 22:12:28 -0000
On Tue, July 8, 2014 12:24 pm, Andy Lutomirski wrote: > On Tue, Jul 8, 2014 at 12:19 PM, Dan Brown <dbrown@certicom.com> wrote: >> >> Dear CFRG list, >> >> >> >> Is there a published security proof for the current TLS PRF in the draft >> TLS 1.3? >> > > Would it be useful if CFRG were to publish a recommended PRF? Perhaps > something using a modern hash function combiner using (HMAC-)SHA-512 > and either SHA-3 or something from the Salsa/ChaCha family as the > base? What about RFC 5869? http://eprint.iacr.org/2010/264 describes the design rationale which is more than what TLS PRF has (which, to me, seems a bit ad hoc). regards, Dan.
- [Cfrg] TLS PRF security proof? Dan Brown
- Re: [Cfrg] TLS PRF security proof? Andy Lutomirski
- Re: [Cfrg] TLS PRF security proof? Igoe, Kevin M.
- Re: [Cfrg] TLS PRF security proof? Dan Harkins
- Re: [Cfrg] TLS PRF security proof? Peter Gutmann
- Re: [Cfrg] TLS PRF security proof? Paterson, Kenny
- Re: [Cfrg] TLS PRF security proof? Dan Brown
- Re: [Cfrg] TLS PRF security proof? Andy Lutomirski
- Re: [Cfrg] TLS PRF security proof? Dan Brown
- Re: [Cfrg] TLS PRF security proof? Paul Hoffman
- Re: [Cfrg] TLS PRF security proof? Andy Lutomirski
- Re: [Cfrg] TLS PRF security proof? Andy Lutomirski
- Re: [Cfrg] TLS PRF security proof? Watson Ladd
- Re: [Cfrg] TLS PRF security proof? Andy Lutomirski
- Re: [Cfrg] TLS PRF security proof? Watson Ladd
- Re: [Cfrg] TLS PRF security proof? Andy Lutomirski
- Re: [Cfrg] TLS PRF security proof? Jakob Breier
- Re: [Cfrg] TLS PRF security proof? Hugo Krawczyk
- Re: [Cfrg] TLS PRF security proof? Watson Ladd
- Re: [Cfrg] TLS PRF security proof? Hugo Krawczyk