Re: [Cfrg] [TLS] 3DES diediedie

Kyle Rose <krose@krose.org> Thu, 01 September 2016 18:51 UTC

In-Reply-To: <2123223.JzJ8ujFHJJ@pintsize.usersys.redhat.com>
References: <CAHOTMV+r5PVxqnSozYyqJqq_YocMKV06aAa-43t+5Huzh7Lo=A@mail.gmail.com> <b2fb4b70-7b65-2d6c-2073-c9db8d86f608@cs.tcd.ie> <9A043F3CF02CD34C8E74AC1594475C73F4D053AB@uxcn10-5.UoA.auckland.ac.nz> <2123223.JzJ8ujFHJJ@pintsize.usersys.redhat.com>
From: Kyle Rose <krose@krose.org>
Date: Thu, 01 Sep 2016 11:51:38 -0700
Message-ID: <CAJU8_nWjVCERgK-rv9iAQsmGkhfpQUJXLp2Vqvg-6d58LV+RSQ@mail.gmail.com>
To: Hubert Kario <hkario@redhat.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/iC1wtgQtB1DuGk9kTKhUHweHyA4>
Cc: "David McGrew (mcgrew)" <mcgrew@cisco.com>, "cfrg@irtf.org" <cfrg@irtf.org>, "<tls@ietf.org>" <tls@ietf.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>
Subject: Re: [Cfrg] [TLS] 3DES diediedie

On Mon, Aug 29, 2016 at 5:00 AM, Hubert Kario <hkario@redhat.com> wrote:

> we have enough problems weeding out implementation mistakes in TLS, we don't
> need yet another protocol and two dozen implementations that come with it

Strongly agreed.

Focusing energy on getting "something" working for low-power devices is
putting the cart before the horse. Security has to be a primary objective
here, in the standards world in general and in CFRG in particular. We can
surely consider tradeoffs---more frequent key rotations, security
guarantees reduced in a well-defined way, shorter lifetimes for
credentials, etc.---but these should be explicitly chosen, not determined
after the fact based on what happened to be in our toolbox at the time.
Keeping 3DES around in a general-purpose protocol headed for
standardization in spite of the known problems with small block sizes is
almost certain to create more work in the coming years for everyone simply
to benefit implementors of systems for which security is clearly not the
primary concern.

From following the discussion, low power crypto seems like a research area
at this point, not an implementation effort. (Of course, the flaws in
whatever ill-advised schemes get implemented will generate their own
research efforts and inevitable transitive trust problems with supposedly
more-secure systems. Alas, we haven't yet figured out a way to keep people
from generating sufficient rope to hang themselves with.)

Kyle