RE: [Cfrg] Fwd: [saag] [Sam Hartman]draft-harris-ssh-arcfour-fixes-02: informational or proposed?
"Blumenthal, Uri" <uri.blumenthal@intel.com> Wed, 01 June 2005 21:57 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DdbDO-0006Qi-4b; Wed, 01 Jun 2005 17:57:30 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DdbDM-0006Qc-IX for cfrg@megatron.ietf.org; Wed, 01 Jun 2005 17:57:28 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA12443 for <cfrg@ietf.org>; Wed, 1 Jun 2005 17:57:25 -0400 (EDT)
Received: from fmr16.intel.com ([192.55.52.70] helo=fmsfmr006.fm.intel.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DdbXE-0000yM-Az for cfrg@ietf.org; Wed, 01 Jun 2005 18:18:02 -0400
Received: from fmsfmr100.fm.intel.com (fmsfmr100.fm.intel.com [10.1.192.58]) by fmsfmr006.fm.intel.com (8.12.10/8.12.10/d: major-outer.mc,v 1.1 2004/09/17 17:50:56 root Exp $) with ESMTP id j51LvGQ1020387; Wed, 1 Jun 2005 21:57:16 GMT
Received: from fmsmsxvs040.fm.intel.com (fmsmsxvs040.fm.intel.com [132.233.42.124]) by fmsfmr100.fm.intel.com (8.12.10/8.12.10/d: major-inner.mc,v 1.2 2004/09/17 18:05:01 root Exp $) with SMTP id j51Lv8q5012448; Wed, 1 Jun 2005 21:57:16 GMT
Received: from fmsmsx332.amr.corp.intel.com ([132.233.42.148]) by fmsmsxvs040.fm.intel.com (SAVSMTP 3.1.7.47) with SMTP id M2005060114571607256 ; Wed, 01 Jun 2005 14:57:16 -0700
Received: from fmsmsx311.amr.corp.intel.com ([132.233.42.214]) by fmsmsx332.amr.corp.intel.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 1 Jun 2005 14:57:16 -0700
Received: from hdsmsx402.amr.corp.intel.com ([10.127.2.62]) by fmsmsx311.amr.corp.intel.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 1 Jun 2005 14:57:15 -0700
Received: from pysmsx401.amr.corp.intel.com ([146.152.3.156]) by hdsmsx402.amr.corp.intel.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 1 Jun 2005 17:57:14 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [Cfrg] Fwd: [saag] [Sam Hartman]draft-harris-ssh-arcfour-fixes-02: informational or proposed?
Date: Wed, 01 Jun 2005 17:56:17 -0400
Message-ID: <3DEC199BD7489643817ECA151F7C5929013C8E47@pysmsx401.amr.corp.intel.com>
Thread-Topic: [Cfrg] Fwd: [saag] [Sam Hartman]draft-harris-ssh-arcfour-fixes-02: informational or proposed?
Thread-Index: AcVm9Ig3gxEVtzGvSG+I+xtZB0Ui+QAACjng
From: "Blumenthal, Uri" <uri.blumenthal@intel.com>
To: Greg Rose <ggr@qualcomm.com>, "David A. McGrew" <mcgrew@cisco.com>
X-OriginalArrivalTime: 01 Jun 2005 21:57:14.0475 (UTC) FILETIME=[DEBA93B0:01C566F4]
X-Scanned-By: MIMEDefang 2.44
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 3a4bc66230659131057bb68ed51598f8
Content-Transfer-Encoding: quoted-printable
Cc: cfrg@ietf.org
X-BeenThere: cfrg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:cfrg@ietf.org>
List-Help: <mailto:cfrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=subscribe>
Sender: cfrg-bounces@ietf.org
Errors-To: cfrg-bounces@ietf.org
I support Greg's position. -----Original Message----- From: cfrg-bounces@ietf.org [mailto:cfrg-bounces@ietf.org] On Behalf Of Greg Rose Sent: Wednesday, June 01, 2005 5:49 PM To: David A. McGrew Cc: 'cfrg@ietf.org' Subject: Re: [Cfrg] Fwd: [saag] [Sam Hartman]draft-harris-ssh-arcfour-fixes-02: informational or proposed? I am strongly of the opinion that RC4 should be deprecated, therefore that this RFC shouldn't be published *at all*. Certainly not as a proposed standard. Greg. At 14:41 2005-06-01 -0700, David A. McGrew wrote: >FYI. > >Begin forwarded message: > >>From: Sam Hartman <hartmans-ietf@mit.edu> >>Date: June 1, 2005 12:04:07 PM PDT >>To: ietf-ssh@netbsd.org, saag@mit.edu >>Subject: [saag] [Sam Hartman] draft-harris-ssh-arcfour-fixes-02: >>informational or proposed? >>Reply-To: ietf@ietf.org >> >> >> >>Hi. I believe the following request is of interest to secsh and saag. >> >> >>From: Sam Hartman <hartmans-ietf@mmit.edu.cnri.reston.va.us> >>Date: June 1, 2005 11:35:07 AM PDT >>To: ietf@ietf.org >>Cc: iesg@ietf.org >>Subject: draft-harris-ssh-arcfour-fixes-02: informational or proposed? >> >> >> >> >>Hi, folks. The IESG has received a last call comment recommending >>that the new rc4 cipher for ssh be published as informational rather >>than as a proposed standard because of weaknesses in rc4. It would be >>inappropriate to make a decision based on one comment so I am >>soliciting comments on this point. >> >>The argument in favor of publishing this document at proposed is that >>the existing arcfour cipher is part of a standard and that many other >>IETF protocols use rc4 in standards track documents. >> >> >>Please submit comments to ietf@ietf.org or iesg@ietf.org on this issue >>by 2005-06-28. >> >>Included below is a partial bibliography of RC4 attacks provided to >>the IESG by the person making the original comment. >> >> >> >>S. Fluhrer, I. Mantin, & A. Shamir, "Weaknesses in the Key Scheduling >>Algorithm of RC4", Proceedings of 8th Annual International Workshop >>on Selected areas in Cryptography (SAC 2001), Toronto, ON, CA, >>August 2001. >> >>J. D. Golic, "Linear Statistical Weakness of RC4 Key Generator", >>Procedings of EuroCrypt 1997, Konstanz, DE, May 1997. >> >>S. Fluhrer & D. McGrew, "Statistical Analysis of the RC4 Key >>Generator", Proceedings of 7th International Workshop on Fast >>Software Encryption (FSE 2000), New York, NY, US, April 2000. >> >>S. Mister & S.E. Tavares, "Cryptanalysis of RC4-like Ciphers", >>Proceedings of 5th Annual International Workshop on Selected >>Areas in Cryptography (SAC 1998), Kingston, ON, CA, August 1998. >> >>L. Knudsen, W. Meier, B. Preneel, V. Rijmen, & S. Verdoolaege, >>"Analysis Method for RC4", Proceedings of AsiaCrypt 1998. >> >>R. Wash, "Lecture Notes on Stream Ciphers and RC4", unpublished, >>Case Western Reserve University, OH, US >>http://acm.cwru.edu/files/2002%20Spring/talks/latex_samp2_4_09_02.pdf >> >>S. Paul & B. Preneel, "Analysis of Non-fortuitous Predictive States >>of the RC4 Key Generator", Proceedings of 4th International Conference >>on Cryptology in India (IndoCrypt 2003), New Delhi, IN, December 2003. >> >>_______________________________________________ >>Ietf mailing list >>Ietf@ietf.org >>https://www1.ietf.org/mailman/listinfo/ietf >> >> >> >>_______________________________________________ >>saag mailing list >>saag@mit.edu >>https://jis.mit.edu/mailman/listinfo/saag > >_______________________________________________ >Cfrg mailing list >Cfrg@ietf.org >https://www1.ietf.org/mailman/listinfo/cfrg Greg Rose INTERNET: ggr@qualcomm.com Qualcomm Incorporated VOICE: +1-858-651-5733 FAX: +1-858-651-5766 5775 Morehouse Drive http://people.qualcomm.com/ggr/ San Diego, CA 92121 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C _______________________________________________ Cfrg mailing list Cfrg@ietf.org https://www1.ietf.org/mailman/listinfo/cfrg _______________________________________________ Cfrg mailing list Cfrg@ietf.org https://www1.ietf.org/mailman/listinfo/cfrg
- [Cfrg] Fwd: [saag] [Sam Hartman] draft-harris-ssh… David A. McGrew
- Re: [Cfrg] Fwd: [saag] [Sam Hartman] draft-harris… Greg Rose
- RE: [Cfrg] Fwd: [saag] [Sam Hartman]draft-harris-… Blumenthal, Uri
- RE: [Cfrg] Fwd: [saag] [Sam Hartman]draft-harris-… Peter Gutmann