Re: [Cfrg] matching AES security
James Cloos <cloos@jhcloos.com> Wed, 30 July 2014 21:00 UTC
From: James Cloos <cloos@jhcloos.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
In-Reply-To: <CAMm+LwieafzTxEh-_XDT+Y+Zu8Aor6rQs8xkb_VtV57Yk5jTuA@mail.gmail.com> (Phillip Hallam-Baker's message of "Wed, 30 Jul 2014 14:08:28 -0400")
Copyright: Copyright 2014 James Cloos
Date: Wed, 30 Jul 2014 16:55:47 -0400
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/jqRz46KtPkZQC2qNCtalWpOGZEU
Cc: cfrg@irtf.org, Robert Moskowitz <rgm-sec@htt-consult.com>
Subject: Re: [Cfrg] matching AES security

>>>>> "PH" == Phillip Hallam-Baker <phill@hallambaker.com> writes:

PH> To me, rekey implies rebuilding the authentication relationship
PH> between the end points. That's a lot more work.

I don't think that meshes with what most of the participants in the
tls1.3 discussion think.

My understanding of all of the rekey-instead-of-renegotiate threads is
that everyone who wants that expects to use the same algorithm initially
used to negotiate the symmetric key to negotiate a new one without any
changes to which symmetric algorithm is used, or to any authentication
which took place at the start.

So it seems that there is significant interest in just changing the
symmetric keys every so often for long-running tls sockets.

[Not commenting on whether that change should occur, just on that which
everyone on the tls list seems to write about.]

-JimC
--
James Cloos <cloos@jhcloos.com>         OpenPGP: 0x997A9F17ED7DAEA6