Re: [Cfrg] CFRG and thwarting pervasive monitoring

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 29 December 2013 21:27 UTC

On 12/29/2013 09:12 PM, Paul Hoffman wrote:
> On Dec 29, 2013, at 11:12 AM, Stephen Farrell
> <stephen.farrell@cs.tcd.ie> wrote:
> 
>> . . .
> 
>> I would love to see ongoing detailed work within CFRG as to how to
>> counter pervasive monitoring.
> 
> Wearing your perpass hat, how can CFRG help? I ask this because I
> have seen little on the perpass mailing list that indicated that
> even a minor problem has been lack of crypto, or the use of crypto that
> is thought to be breakable. What type of crypto research or
> assessment would help perpass?
> 
> Note that deprecating the use of crypto that is widely known to be
> broken is the purview of IETF WGs, not the CFRG. The relevant WGs
> (particularly TLS) seem to already be doing that.

One question might be whether some modes of operation are
really inherently more likely to have side-channels in their
implementation or not and whether the impact of that might
be practically usable by an attacker.

Another might relate to whether things like nonces might
provide a way for borked implementations to leak key bits
and if so, whether there are practical ways for susceptible
protocols to mitigate that, or bits of advice that should
be included in such protocol specs. (And finding some
susceptible protocols would be cool too if CFRG folks were
willing.)

I'm sure clever folk can come up with more once they start
to think about it.

S.


> 
> --Paul Hoffman
>