[Cfrg] Implementing draft-cfrg-randomness-improvements
Kris Kwiatkowski <kris@amongbytes.com> Tue, 08 October 2019 07:58 UTC
To: "cfrg@irtf.org" <cfrg@irtf.org>
From: Kris Kwiatkowski <kris@amongbytes.com>
Message-ID: <cafcfc9f-4955-c894-0c0a-c27c1be0a478@amongbytes.com>
Date: Tue, 08 Oct 2019 08:59:03 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/yEf1XI6mGWF5tycDqiNLD1zhnq8>
Subject: [Cfrg] Implementing draft-cfrg-randomness-improvements
Hi,

I've implemented a PoC of draft-cfrg-randomness-improvements-07 with the goal of assessing the potential costs of both performance and integration. The implementation (PoC) is integrated into BoringSSL (as the default random generator) and it comes with a small bench application for TLS testing. Performance results and implementation details can be found here:

* https://github.com/henrydcase/PoC-draft-cfrg-randomness-improvements/

While interpreting the results, one of the draft authors informed me that there may be a bug in the draft. Namely, the draft currently specifies that the amount of randomness that the randomness wrapper requests from the CSPRNG is equal to "L", where L is fixed for any instantiation of the randomness wrapper and equal to the output byte size of HKDF-Extract.

1. Can it be confirmed that this is wrong and will be changed in a future release of the draft?

2. Also, is there any limit on "n", the amount of randomness that can be requested from the randomness wrapper? It was briefly mentioned to me that the limit is L+M (where M is the output size of the hash function H). Nevertheless, I can't say I fully understand this choice.

---
Kind regards,
Kris
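The following is an added example (not code from the message, the PoC repository or the draft) that models the wrapper as the message describes it, HKDF-Expand(HKDF-Extract(G(L), Sig(sk, tag1)), tag2, n), and counts how many fresh bytes the underlying CSPRNG is asked for as n varies. Sig is replaced by a keyed MAC, and the key and tag strings are constructed placeholders; the draft's real signature scheme and tag values are not on the page.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256
L = HASH().digest_size  # output size of HKDF-Extract (HashLen); the "L" of the message

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()

def hkdf_expand(prk: bytes, info: bytes, n: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC-Hash(PRK, T(i-1) | info | i), n <= 255 * HashLen."""
    if n > 255 * L:
        raise ValueError("HKDF-Expand output length exceeds 255 * HashLen")
    out, t, i = b"", b"", 1
    while len(out) < n:
        t = hmac.new(prk, t + info + bytes([i]), HASH).digest()
        out += t
        i += 1
    return out[:n]

def sig(sk: bytes, msg: bytes) -> bytes:
    """Stand-in for Sig(sk, tag1): a keyed MAC, not a real signature (assumption for this demo)."""
    return hmac.new(sk, msg, HASH).digest()

def wrapped_random(csprng, sk: bytes, tag1: bytes, tag2: bytes, n: int) -> bytes:
    """Randomness wrapper as the message describes it: the underlying CSPRNG G is asked
    for exactly L bytes, whatever n is; everything beyond that comes from HKDF-Expand."""
    salt = csprng(L)                         # G(L): fixed L, independent of n
    prk = hkdf_extract(salt, sig(sk, tag1))  # HKDF-Extract(G(L), Sig(sk, tag1))
    return hkdf_expand(prk, tag2, n)         # HKDF-Expand(PRK, tag2, n)

class CountingRng:
    def __init__(self):
        self.requested = 0  # total bytes pulled from os.urandom so far
    def __call__(self, k: int) -> bytes:
        self.requested += k
        return os.urandom(k)

# Constructed demo values; the draft's real tag strings are not on the page.
DEMO_SK = b"demo-private-key-material"
DEMO_TAG1 = b"demo-tag1-context"
DEMO_TAG2 = b"demo-tag2-per-call"

def fresh_bytes_requested(n: int) -> int:
    """Bytes drawn from the CSPRNG when n bytes are requested from the wrapper."""
    rng = CountingRng()
    wrapped_random(rng, DEMO_SK, DEMO_TAG1, DEMO_TAG2, n)
    return rng.requested
```

Whatever n is passed, `fresh_bytes_requested(n)` returns L (32 for SHA-256), which is exactly the behaviour the message asks about.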