[CFRG] Re: I-D Action: draft-irtf-cfrg-rsa-guidance-01.txt

Alicja Kario <hkario@redhat.com> Tue, 03 September 2024 18:24 UTC

From: Alicja Kario <hkario@redhat.com>
To: internet-drafts@ietf.org
Date: Tue, 03 Sep 2024 20:24:23 +0200
MIME-Version: 1.0
Message-ID: <02e9a51e-b938-49f2-b832-de4d3ec575ee@redhat.com>
In-Reply-To: <172538719711.1420249.4393971363081609427@dt-datatracker-68b7b78cf9-q8rsp>
References: <172538719711.1420249.4393971363081609427@dt-datatracker-68b7b78cf9-q8rsp>
Organization: Red Hat
CC: i-d-announce@ietf.org, cfrg@ietf.org
Subject: [CFRG] Re: I-D Action: draft-irtf-cfrg-rsa-guidance-01.txt
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/td6o0zPcqiqze0EQH5SQWASsZYw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Owner: <mailto:cfrg-owner@irtf.org>
List-Post: <mailto:cfrg@irtf.org>
List-Subscribe: <mailto:cfrg-join@irtf.org>
List-Unsubscribe: <mailto:cfrg-leave@irtf.org>

Hello,

In the main body of the draft there were just a few minor changes:
a few typos fixed.

The main change in revision 01 is the addition of actual test vectors
for the 2048 bit RSA key.

As I've also written automated tests to verify the correctness of them,
it took me a bit more than I expected; you can find those here:
https://github.com/tlsfuzzer/tlslite-ng/pull/528
That's also the reason why I haven't added test vectors for other
key sizes yet.

Please provide comments if this format of the test vectors is
OK/acceptable, and I'll add the other key sizes a bit later.

On Tuesday, 3 September 2024 20:13:17 CEST, internet-drafts@ietf.org wrote:
> Internet-Draft draft-irtf-cfrg-rsa-guidance-01.txt is now available. It is a
> work item of the Crypto Forum (CFRG) RG of the IRTF.
>
>    Title:   Implementation Guidance for the PKCS #1 RSA Cryptography Specification
>    Author:  Alicja Kario
>    Name:    draft-irtf-cfrg-rsa-guidance-01.txt
>    Pages:   23
>    Dates:   2024-09-03
>
> Abstract:
>
>    This document specifies additions and amendments to RFC 8017.
>    Specifically, it provides guidance to implementers of the standard to
>    protect against side-channel attacks.  It also deprecates the RSAES-
>    PKCS-v1_5 encryption scheme, but provides an alternative depadding
>    algorithm that protects against side-channel attacks raising from
>    users of vulnerable APIs.  The purpose of this specification is to
>    increase security of RSA implementations.
>
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-irtf-cfrg-rsa-guidance/
>
> There is also an HTMLized version available at:
> https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-rsa-guidance-01
>
> A diff from the previous version is available at:
> https://author-tools.ietf.org/iddiff?url2=draft-irtf-cfrg-rsa-guidance-01
>
> Internet-Drafts are also available by rsync at:
> rsync.ietf.org::internet-drafts
>
>

-- 
Regards,
Alicja (nee Hubert) Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic