Re: [cgasec] To your health, and a comment on strength

Christian Huitema <huitema@microsoft.com> Mon, 26 July 2010 16:07 UTC

To: Sam Hartman <hartmans-ietf@mit.edu>
Cc: "cgasec@ietf.org" <cgasec@ietf.org>, Margaret Wasserman <margaretw42@gmail.com>

> The situation where this is insufficient is where the product of lifetime of addresses
> and resources available to an attacker exceeds some comfortable security margin.
> For example, if you have an attacker with 2**20 machines available and want your address 
> to last for 2**40 times as long as it takes to generate an address, CGA security would probably 
> be inadequate.  Similarly, if you have an attacker who has 2**40 resources and you are hoping 
> to have addresses last for 2**20 times as long as it takes to generate an address, then CGAs 
> would be inadequate. I think it is important to understand this limitation, but I also believe
> for many situations this is not a significant concern.

I believe that's a common problem for any scheme that derives identifiers from a public key. Such identifiers end up with a limited lifetime for a variety of reasons. The key or the hash may end up being too short, and there are downsides to making them arbitrarily long. The algorithms used in keying or hashing may be broken. The key itself may be compromised. Any system design has to account for a relatively short life of the identifiers.

-- Christian Huitema