Re: [Cfrg] FIPS or equivalent approvals

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 29 July 2014 18:24 UTC

In-Reply-To: <53D7E119.7040209@akr.io>
References: <CAMm+LwhYWfP30=rdYQoVZ=Ns8dCn2HdjKLLPCP7Yw540eifvOg@mail.gmail.com> <53D7E119.7040209@akr.io>
Date: Tue, 29 Jul 2014 14:24:12 -0400
Message-ID: <CAMm+LwhUyHYD1h6Cj8L3s+N4t9rcszusycjGJ0RQXVxKdoG6sw@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Alyssa Rowan <akr@akr.io>
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/kFoOejisv5ZTPoKTyt4Je6ftiBk
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] FIPS or equivalent approvals

On Tue, Jul 29, 2014 at 1:59 PM, Alyssa Rowan <akr@akr.io> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 29/07/2014 16:03, Phillip Hallam-Baker wrote:
>
>> trustworthy HSMs
>
> A mammoth problem, and not one I believe CFRG is really in a position
> to solve.
>
> Given EDGEHILL and BULLRUN and related concerns about the CESG/FIPS
> validation processes, I feel a HSM/smartcard/token design actually
> worthy of third-party trust would need:
>
> • Open, transparent, public open-source design, from software down as
>   far as practical - right down past the mask to the gate/process level
>   if possible;
>
> • To be publicly and independently tested, verified and verifiable;
>
> • To be practically immune to all known or reasonably speculated
>   attacks
It isn't just the US up to these things.

Before the PRISM disclosures I spent a lot of time with some people
whose names would be familiar looking at the problem of stopping them
doing unto the US what we now know they were doing unto others
(including US companies).

Supply chain is a hard problem. But not being able to guarantee that
the crypto has not been bongoed by Fort Meade does not mean that I
want to accept the risk of being able to extract a valuable root key.
That would be a major personal safety risk.