Re: [Cfrg] RE: Where's the beef?

"Stephen Sprunk" <ssprunk@cisco.com> Sun, 01 September 2002 19:17 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA26594 for <cfrg-archive@odin.ietf.org>; Sun, 1 Sep 2002 15:17:07 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id g81JIGD06148 for cfrg-archive@odin.ietf.org; Sun, 1 Sep 2002 15:18:16 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id g81JIGo06145 for <cfrg-web-archive@optimus.ietf.org>; Sun, 1 Sep 2002 15:18:16 -0400
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA26581; Sun, 1 Sep 2002 15:16:37 -0400 (EDT)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id g81JHWo06127; Sun, 1 Sep 2002 15:17:32 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id g81JFKo06039 for <cfrg@optimus.ietf.org>; Sun, 1 Sep 2002 15:15:20 -0400
Received: from sj-msg-core-3.cisco.com (sj-msg-core-3.cisco.com [171.70.157.152]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA26528 for <cfrg@ietf.org>; Sun, 1 Sep 2002 15:13:41 -0400 (EDT)
Received: from sj-msg-av-2.cisco.com (sj-msg-av-2.cisco.com [171.69.24.12]) by sj-msg-core-3.cisco.com (8.12.2/8.12.2) with ESMTP id g81JEb3x009695; Sun, 1 Sep 2002 12:14:37 -0700 (PDT)
Received: from nisser.cisco.com (localhost [127.0.0.1]) by sj-msg-av-2.cisco.com (8.12.2/8.12.2) with ESMTP id g81JEd0B001984; Sun, 1 Sep 2002 12:14:39 -0700 (PDT)
Received: from ssprunkw2k (ssprunk-w2k.cisco.com [64.101.135.221]) by nisser.cisco.com (8.8.6 (PHNE_14041)/CISCO.SERVER.1.2) with SMTP id MAA09516; Sun, 1 Sep 2002 12:14:38 -0700 (PDT)
Message-ID: <006a01c251eb$d15099c0$dd876540@amer.cisco.com>
From: "Stephen Sprunk" <ssprunk@cisco.com>
To: "Steven M. Bellovin" <smb@research.att.com>, "Alex Alten" <Alten@attbi.com>
Cc: "David A. Mcgrew" <mcgrew@cisco.com>, <cfrg@ietf.org>, "Ran Canetti" <canetti@watson.ibm.com>
References: <3.0.3.32.20020830234401.00f2d0c0@mail>
Subject: Re: [Cfrg] RE: Where's the beef?
Date: Sun, 1 Sep 2002 13:42:42 -0500
Organization: Cisco Systems, Inc.
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Content-Transfer-Encoding: 7bit
Sender: cfrg-admin@ietf.org
Errors-To: cfrg-admin@ietf.org
X-BeenThere: cfrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=unsubscribe>
List-Id: Crypto Forum Research Group <cfrg.ietf.org>
List-Post: <mailto:cfrg@ietf.org>
List-Help: <mailto:cfrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit

Thus spake "Alex Alten" <Alten@attbi.com>
> Anyway thanks for the plain speaking.  I was speaking from my own experience
> developing custom cryptographic algorithms.  I am no cryptanalyst, and I have
> come to deeply respect the analysis of people I do not ever see participating
> in our efforts here.  My concern was that we would not get the best advice
> if we could not pay for it.  You have stated otherwise.  So be it.
>
> But we have been sidetracked by this issue--I should not have pursued it
> with David M.
>
> What I really want to understand is what is this RG's practical role?
> (Jim H's somewhat pessimistic viewpoint seems to cut close to the bone.)
>
> Of particular interest to me is can it design custom cryptography to meet
> the particular needs of a WG?

Experience shows that "custom cryptography" is a bad idea because it doesn't
have the benefit of extensive public review.  I doubt we could pay for the sort
of analysis that the AES contest got for free -- and that will continue on as
long as Rijndael is in use.

CFRG's purpose, in my understanding, is to evaluate the known cryptosystems out
there, determine which ones can benefit the IETF, perform whatever IP-specific
modification or analysis is necessary, and publish Informational RFCs to be used
as normative references in IETF standard protocols.

S

_______________________________________________
Cfrg mailing list
Cfrg@ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg