Re: [Cfrg] What is the standard we are going to apply?

Alyssa Rowan <akr@akr.io> Tue, 24 December 2013 03:34 UTC

Return-Path: <akr@akr.io>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B870A1AE369 for <cfrg@ietfa.amsl.com>; Mon, 23 Dec 2013 19:34:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Q4m5EnayWbM for <cfrg@ietfa.amsl.com>; Mon, 23 Dec 2013 19:34:09 -0800 (PST)
Received: from entima.net (entima.net [78.129.143.175]) by ietfa.amsl.com (Postfix) with ESMTP id 8B08A1AE3BD for <cfrg@irtf.org>; Mon, 23 Dec 2013 19:34:08 -0800 (PST)
Received: from [10.10.42.10] (cpc5-derb12-2-0-cust796.8-3.cable.virginm.net [82.31.91.29]) by entima.net (Postfix) with ESMTPSA id 797BC600FD for <cfrg@irtf.org>; Tue, 24 Dec 2013 03:34:03 +0000 (GMT)
Message-ID: <52B900B3.9040908@akr.io>
Date: Tue, 24 Dec 2013 03:34:11 +0000
From: Alyssa Rowan <akr@akr.io>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: cfrg@irtf.org
References: <CACsn0ckyKisPzbVyQDkH-iR2rEwZvtojFpxx+sm=-Y3so7hFTg@mail.gmail.com>
In-Reply-To: <CACsn0ckyKisPzbVyQDkH-iR2rEwZvtojFpxx+sm=-Y3so7hFTg@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Subject: Re: [Cfrg] What is the standard we are going to apply?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Dec 2013 03:34:11 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 23 Dec 2013 17:00, Watson Ladd wrote:

> [...] I feel the CFRG should take a more proactive stance on being 
> "the crypto people" at the IETF/IRTF, and should use this position 
> to promote stronger cryptography with better guarantees than what 
> has existed so far in the IETF.

You, John, and others have mentioned a strong desire for protocols
and/or primitives being evaluated to have well-vetted proofs:
in standard model if possible, else random oracle; and side-channel
resistance (i.e. suitability for constant-time implementation, etc).

That sounds to me like an excellent idea, wherever it is practical.

No matter what adversary might seek to interfere, and whether they're
RFC3514 compliant or not when doing it, a protocol or primitive with a
solid proof is more transparently, demonstrably effective than one
without one.

- -- 
/akr
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJSuQCzAAoJEOyEjtkWi2t6tjYQALIP6BPit91A0fUsHDNujDk3
wN8fbFFtK1ZLpuqzAE7muF0iJMk8FrFwkGuRZnJt0XYkfz8nIniW5f0T35i6mulX
VdjtCNmlBWT3StBq3aTrhQ9VteUOd6P4/i5UmnYwjMMqdb+3NV5V55TRXDPzzXp6
kOYdRz6xw4vzf376oNGL37byN5WB2a2/VAyWTg0PaXQFqWki/u9OkhPi1tArgesk
vNg65mKafBB0Bdj8w0v20vA1FT/3gmS+zz8rykqTBBduDABNIPtLfad7YJ9zJLlS
CAZKEttlmDxgDqBHAtvwTw8dqjoiW3AXSp90X+1Q66y1+Ififhuf1uDqUjP/i0AF
4/QDf3OWsBHI6mR13JxRoQJbDggY013Qu4iYeU5sSTWhWAne5/aOnOkhPXgGSgbS
6lky6L+uF8eBAqVZy5FAtgcQkiyulhfYcQoe58jkr9ho0cQ2GL1lOgUqLu1hi6bN
52DkGP31TW8hgY3Grd+seVRDTSP8uqQLR0bPHLobkS2e2ljPSMDSyrZuwVgWdDWo
9j33GbOLXJ98zJNivNwxLOBVTRudMVAp7hAdN/J2Lv/6KvlMoDObs32JfcaJCxbu
t/RE9OjdoCXNVuoey58VTtaAaArLukTTOBo8x6Sh4K0hqdtdez3WC8lVnWotmBou
xWIl2lZE/fQUbEQ4hbbN
=mFbI
-----END PGP SIGNATURE-----