[CFRG] Escalation: time commitment to fix *production* security bugs for BLS RFC v4?
Quan Thoi Minh Nguyen <msuntmquan@gmail.com> Fri, 23 April 2021 16:14 UTC
Return-Path: <msuntmquan@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA2743A1480 for <cfrg@ietfa.amsl.com>; Fri, 23 Apr 2021 09:14:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C1WEVO2CK977 for <cfrg@ietfa.amsl.com>; Fri, 23 Apr 2021 09:14:17 -0700 (PDT)
Received: from mail-pj1-x1034.google.com (mail-pj1-x1034.google.com [IPv6:2607:f8b0:4864:20::1034]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 16ED23A147F for <cfrg@irtf.org>; Fri, 23 Apr 2021 09:14:16 -0700 (PDT)
Received: by mail-pj1-x1034.google.com with SMTP id m6-20020a17090a8586b02901507e1acf0fso1528352pjn.3 for <cfrg@irtf.org>; Fri, 23 Apr 2021 09:14:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=IkD+yzSJdVhPhSujEe1jHy4BFH0LS0X18eFyId/9Vz8=; b=ByyWawkmzNM03d07zzyWBtRlrhPfdLXJ045mYzharXLS1BslIeKfKx5SJexYN7ClPy JBc/qgBSp1pJpgW9gtFCyCt4Jt4oH4jHHAp4E3rl6IgDSDitMKc0yvi0GBXtfIUuGOsu I+95QI0wVBQoflCAD5hySWFHioqBa/Xh8dWZGbAbF0ICiLNR7d+HrLAwGbPYxXJkqffw T8ifY2l86oQbq9PKZF2+vInEpKQ0Dl26x8bhvIyrpWaisBb3h8v64mNuxXaBWMFOZ9+A 6ljN4TeCBWG17Gf05RFrYtLXjKrn60bU3ElbiUKzbKIUGYbq13+//RtYReTa14DLyQl7 aE4w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=IkD+yzSJdVhPhSujEe1jHy4BFH0LS0X18eFyId/9Vz8=; b=IUsIE4pSXghw2bTf26mYR0gAR6xKfiSUnOVhBa9i7icSHThL3MnICWxy3KAY1xZziF 9cGDARAO8mtYAM5B4WSHaoiXVYB+qvk2hz2gNfbE7+eLBf4jUir1ml1AcKgeHaWe5Cem 5RiK8GqcmmE13H4fUGNvXp7zGKDTAOj0ZPYmBRNz6BCSn0BhPD1HMapNAs2J5XBL4vLi lr0NDJze9PoRJpdFMXHW7D7ntuNFRQCJ7HIrWrdO//An+WWnCQ+pvSc9zRZ28BMiyuL+ fmHRkyWffpDSFsOtYxEnUKu0585CpDUtLfeCC38GuJMuz7y85cLeVXVFkewTRrs96RqM CyHw==
X-Gm-Message-State: AOAM532+utiOXXUVhdsLATY07tVFpEwwKO/6QyUZcvDMKxoC56vBOYcm QQI2+LKmrZ47a1x7/KU3dK+a8m+kLMgVSoU8upG/Y+4PEmoNjw==
X-Google-Smtp-Source: ABdhPJwqTIHGIZUW1LEO5FcJfMhGYS23nyoJxk2HrndgS0N41XHDIdYUYoY3D3wfERT6Jo7iK9u0aMBKeiWhEEFoI4U=
X-Received: by 2002:a17:90a:94ca:: with SMTP id j10mr5300049pjw.126.1619194455255; Fri, 23 Apr 2021 09:14:15 -0700 (PDT)
MIME-Version: 1.0
From: Quan Thoi Minh Nguyen <msuntmquan@gmail.com>
Date: Fri, 23 Apr 2021 09:13:39 -0700
Message-ID: <CAAEB6g=tU=MF1_QKduEN55ft0rWe+7x0wBbywS083fJrjzP=XA@mail.gmail.com>
To: cfrg@irtf.org
Content-Type: multipart/alternative; boundary="00000000000053ed1205c0a6160b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/ved8f1t70B0M2aDuc6I0DcsDH1o>
Subject: [CFRG] Escalation: time commitment to fix *production* security bugs for BLS RFC v4?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Apr 2021 19:37:46 -0000
Hi, I'd like to escalate this issue to the CFRG chairs as a last resort. By responsibility disclosure mechanism, I reported the bugs *privately far before* I posted it publicly at https://github.com/cfrg/draft-irtf-cfrg-bls-signature/issues/38. I did everything in my capability: reported the bugs, wrote proof-of-concept attack, wrote proof-of-concept fix. I'm curious what is the time commitment of the RFC's authors in resolving the following deadlock: + Libraries code (ethereum/py ecc, supranational/blst, herumi/bls,sigp/milagro bls) are deployed in *production*. They're not academic nor experimental code. + Libraries' authors can't fix the code because they have to follow the standard. + BLS RFC v4's authors don't move an inch in fixing it nor have any time commitment. The standard authors are in an extremely powerful position where they dictate what every library should do. Does it go with responsibility for responding in a timely manner for security bugs deployed in *production*? Even if they don't want to fix the message binding bug, should they at least fix a very obvious bug? AggregateVerify((PK_1, PK_2), (msg, msg), 0) = True, FastAggregateVerify((PK_1, PK_2), msg, 0) = False. Note that I'm not saying my proposed fix is correct and RFC's authors should follow it. What I'm asking is the BLS RFC authors' time commitments in resolving the security issues deployed in production? Thanks, - Quan
- [CFRG] Escalation: time commitment to fix *produc… Quan Thoi Minh Nguyen
- Re: [CFRG] Escalation: time commitment to fix *pr… Riad S. Wahby
- Re: [CFRG] Escalation: time commitment to fix *pr… Quan Thoi Minh Nguyen
- Re: [CFRG] Escalation: time commitment to fix *pr… Loup Vaillant-David
- Re: [CFRG] Escalation: time commitment to fix *pr… Salz, Rich
- Re: [CFRG] Escalation: time commitment to fix *pr… Paul Hoffman
- Re: [CFRG] Escalation: time commitment to fix *pr… Quan Thoi Minh Nguyen
- [CFRG] Bitcoin delenda est. Was: Escalation: time… Phillip Hallam-Baker
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Daniel Franke
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Kyle Rose
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Michael Sierchio
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Michael Sierchio
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Kyle Rose
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Michael Sierchio
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Phillip Hallam-Baker
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Mike Hamburg
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Mike Hamburg
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Thomas Dineen
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Phillip Hallam-Baker
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Thomas Dineen
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Thomas Dineen
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … denis bider
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Eric Rescorla
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … denis bider
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Soatok Dreamseeker
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … denis bider
- Re: [CFRG] Bitcoin delenda est. Was: Escalation: … Nick Sullivan
- Re: [CFRG] Escalation: time commitment to fix *pr… Jeff Burdges