Re: [CFRG] Psychic Signatures
Peter Gutmann <pgut001@cs.auckland.ac.nz> Thu, 21 April 2022 06:25 UTC
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Phillip Hallam-Baker <phill@hallambaker.com>, IRTF CFRG <cfrg@irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/qkV7aGifPtGL2e7TY-S3dhXt0m4>
Phillip Hallam-Baker <phill@hallambaker.com> writes:

>So, it would be good if Oracle got the message that they should get with the
>program.

It's not just Oracle, it's scary how many crypto libraries and apps, so code specifically written for high-security applications, don't check their input, we have a trail of 0days going back two decades showing how dire this is. And it's not just the public stuff, I've found non-public commercial crypto code that accepts things like all-zero values, discovered via a process as simple as generating some dummy data during testing and finding that the other side unexpectedly accepts it as valid.

Perhaps we need a test vector collection of bogus values that can be run past any crypto library with the implicit guarantee that if the code accepts any of them, it's broken. For the common signature algorithms, self-signed certs with invalid sigs would probably be the best mechanism.

(No, I'm not volunteering to generate said test vectors).

Peter.