Re: [Cfrg] I-D Action: draft-mcgrew-hash-sigs-09.txt

"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Mon, 05 March 2018 12:13 UTC

To: Russ Housley <housley@vigilsec.com>
Cc: cfrg@ietf.org

Dear David, Michael and Scott,

Unfortunately, the current version does not address most of the concerns
mentioned in my review that I made as a Crypto Review Panel member (posted
12.11.2017 to the CFRG list).

I understand that you may not agree with all the concerns, but there
haven't been any comments on those concerns on the list.

Moreover, such obvious concerns as misprints ("pseuddorandom",
"cryptographical secure method", "and . Andreas Hulsing") have not been
addressed either.
There have also been several significant concerns; it would be great if you
could address them or at least comment on them.

Have you received the message with the review?

Best regards,
Stanislav



2018-02-27 22:59 GMT+03:00 Russ Housley <housley@vigilsec.com>:

> Thanks for posting the update.  I looked at the diff, and it seems like
> the posted comments were addressed.  Also, the additional examples will be
> helpful.
>
> I think this document is ready to go to the IRSG and the RFC Editor.
>
> Russ
>
>
> > On Feb 26, 2018, at 3:34 PM, internet-drafts@ietf.org wrote:
> >
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> > This draft is a work item of the Crypto Forum RG of the IRTF.
> >
> >        Title           : Hash-Based Signatures
> >        Authors         : David McGrew
> >                          Michael Curcio
> >                          Scott Fluhrer
> >       Filename        : draft-mcgrew-hash-sigs-09.txt
> >       Pages           : 54
> >       Date            : 2018-02-23
> >
> > Abstract:
> >   This note describes a digital signature system based on cryptographic
> >   hash functions, following the seminal work in this area of Lamport,
> >   Diffie, Winternitz, and Merkle, as adapted by Leighton and Micali in
> >   1995.  It specifies a one-time signature scheme and a general
> >   signature scheme.  These systems provide asymmetric authentication
> >   without using large integer mathematics and can achieve a high
> >   security level.  They are suitable for compact implementations, are
> >   relatively simple to implement, and naturally resist side-channel
> >   attacks.  Unlike most other signature systems, hash-based signatures
> >   would still be secure even if it proves feasible for an attacker to
> >   build a quantum computer.
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-mcgrew-hash-sigs/
> >
> > There are also htmlized versions available at:
> > https://tools.ietf.org/html/draft-mcgrew-hash-sigs-09
> > https://datatracker.ietf.org/doc/html/draft-mcgrew-hash-sigs-09
> >
> > A diff from the previous version is available at:
> > https://www.ietf.org/rfcdiff?url2=draft-mcgrew-hash-sigs-09
> >
> >
> > Please note that it may take a couple of minutes from the time of
> submission
> > until the htmlized version and diff are available at tools.ietf.org.
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> >
> > _______________________________________________
> > Cfrg mailing list
> > Cfrg@irtf.org
> > https://www.irtf.org/mailman/listinfo/cfrg
>