Re: [Cfrg] I updated 3 drafts related to a FSU KeyEX

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Thu, 28 April 2016 14:37 UTC

Return-Path: <prvs=4926586283=uri@ll.mit.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C17912D160 for <cfrg@ietfa.amsl.com>; Thu, 28 Apr 2016 07:37:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.195
X-Spam-Level:
X-Spam-Status: No, score=-5.195 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.996, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 612wx4NdZuTr for <cfrg@ietfa.amsl.com>; Thu, 28 Apr 2016 07:37:16 -0700 (PDT)
Received: from llmx2.ll.mit.edu (LLMX2.LL.MIT.EDU [129.55.12.48]) by ietfa.amsl.com (Postfix) with ESMTP id 6C0DF12D7FD for <cfrg@irtf.org>; Thu, 28 Apr 2016 07:36:37 -0700 (PDT)
Received: from LLE2K10-HUB01.mitll.ad.local (LLE2K10-HUB01.mitll.ad.local) by llmx2.ll.mit.edu (unknown) with ESMTP id u3SEZ1F0001029 for <cfrg@irtf.org>; Thu, 28 Apr 2016 10:35:01 -0400
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: "cfrg@irtf.org" <cfrg@irtf.org>
Thread-Topic: [Cfrg] I updated 3 drafts related to a FSU KeyEX
Thread-Index: AQHRoGmZwh+3GQx6nk2zbI/XYWXK6Z+fNMUAgAAfOACAAA5fAIAACPmAgAACDICAAAh/gA==
Date: Thu, 28 Apr 2016 14:36:35 +0000
Message-ID: <D3479805.2B1E6%uri@ll.mit.edu>
References: <57208A04.4070804@po.ntts.co.jp> <7a3f5420-db18-496b-af32-e490bf6d0d80@akr.io> <CAEseHRqYNGhGaA+8HhUFDNxLc2WU=5GJf+om52RRuWwtEHUhmg@mail.gmail.com> <5721D74E.3010407@cs.tcd.ie> <5721DED5.8090608@po.ntts.co.jp> <5721E08D.7060905@cs.tcd.ie>
In-Reply-To: <5721E08D.7060905@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.2.160219
x-originating-ip: [172.25.177.156]
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha384"; boundary="B_3544684589_36329823"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-04-28_07:, , signatures=0
X-Proofpoint-Spam-Details: rule=inbound_notspam policy=inbound score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1603290000 definitions=main-1604280206
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/k6F-t91UOIsa3WNQqPHJVhXOFUQ>
Subject: Re: [Cfrg] I updated 3 drafts related to a FSU KeyEX
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Apr 2016 14:37:18 -0000

I agree with Alyssa and Stephen.
-- 
Regards,
Uri Blumenthal




On 4/28/16, 6:06 , "Cfrg on behalf of Stephen Farrell"
<cfrg-bounces@irtf.org on behalf of stephen.farrell@cs.tcd.ie> wrote:
>On 28/04/16 10:58, KATO Akihiro wrote:
>> Hi Stephen,
>> 
>> At FSU case, the KGC cannot get session key.
>> 
>> Look the page 7 and 8 of
>> https://www.ietf.org/proceedings/94/slides/slides-94-cfrg-0.pdf . The
>> session key encrypted ephemeral public key. If the KGC have all static
>> secret key, that cannot see session key and plain text.
>> 
>> There is no key escrow on FSU key exchange.
>
>Eh? Doesn't slide 4 show that the KGC can fake anyone since
>it generates their secret keys? That's close enough to mandatory
>key escrow for me though sure, perhaps a better term for the
>KGC rules-them-all would have been better:-)
>
>S.
>
>> 
>> Regards.
>> 
>> On 2016/04/28 18:26, Stephen Farrell wrote:
>>>
>>> Hi Mike,
>>>
>>> On 28/04/16 09:35, Michael Scott wrote:
>>>> Maybe the more accurate phrase "n uniquely attractive targets" where
>>>> n=2,3,4... doesn't carry quite the same punch!
>>>
>>> I'm sorry, but for me, it does have exactly the same
>>> punch. If there are key generators, they can collude
>>> or be coerced. Or even more likely, in a realistic
>>> commercial Internet-scale deployment, it's quite likely
>>> all of them (even if operated by different entities)
>>> may be running on one or two mega-hosting platform,
>>> so there may well be only one thing to break into
>>> even if it looks like N things.
>>>
>>>  From my POV, the mandatory key escrow aspect of IBE
>>> is basically fatal for all but possibly some small
>>> set of niche applications.
>>>
>>> Cheers,
>>> S.