Re: [cicm] comments on CICM

"Cottrell Jr., James R." <jxc@mitre.org> Wed, 03 August 2011 14:49 UTC

Return-Path: <jxc@mitre.org>
X-Original-To: cicm@ietfa.amsl.com
Delivered-To: cicm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0647121F8B7C for <cicm@ietfa.amsl.com>; Wed, 3 Aug 2011 07:49:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level:
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[AWL=0.001, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2E479V4Oq1nj for <cicm@ietfa.amsl.com>; Wed, 3 Aug 2011 07:49:13 -0700 (PDT)
Received: from smtpksrv1.mitre.org (smtpksrv1.mitre.org [198.49.146.77]) by ietfa.amsl.com (Postfix) with ESMTP id 4803821F8B75 for <cicm@ietf.org>; Wed, 3 Aug 2011 07:49:13 -0700 (PDT)
Received: from smtpksrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 2D89F21B1B31 for <cicm@ietf.org>; Wed, 3 Aug 2011 10:49:25 -0400 (EDT)
Received: from imchub1.MITRE.ORG (imchub1.mitre.org [129.83.29.73]) by smtpksrv1.mitre.org (Postfix) with ESMTP id 1E1C021B0123 for <cicm@ietf.org>; Wed, 3 Aug 2011 10:49:25 -0400 (EDT)
Received: from IMCMBX1.MITRE.ORG ([129.83.29.204]) by imchub1.MITRE.ORG ([129.83.29.73]) with mapi; Wed, 3 Aug 2011 10:49:25 -0400
From: "Cottrell Jr., James R." <jxc@mitre.org>
To: CICM Discussion List <cicm@ietf.org>
Date: Wed, 03 Aug 2011 10:49:23 -0400
Thread-Topic: comments on CICM
Thread-Index: AcxMjG9q3Na+ogFKR3Slh/gLrxXr8wFWUHrAAAGlEzA=
Message-ID: <E48B962F2B71EC4C97EF42A839D0F2DE05F3B8B614@IMCMBX1.MITRE.ORG>
References: <99256CA4-47EB-444A-9D5C-29EEEF3C81D5@mindspring.com> <MLQM-20110803104111367-85835@mlite.mitre.org>
In-Reply-To: <MLQM-20110803104111367-85835@mlite.mitre.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [cicm] comments on CICM
X-BeenThere: cicm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: CICM Discussion List <cicm@ietf.org>
List-Id: CICM Discussion List <cicm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cicm>, <mailto:cicm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/cicm>
List-Post: <mailto:cicm@ietf.org>
List-Help: <mailto:cicm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cicm>, <mailto:cicm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2011 14:49:14 -0000

David McGrew,

In your email you stated " Considering that AES-GCM is required for Suite B, and the Suite B RFCs  
all cite RFC 5116, the lack of AEAD support appears problematic"

Can you please provide an authoritative document stating this requirement?

Thanks,

Jim Cottrell

-----Original Message-----
From: cicm-bounces@ietf.org [mailto:cicm-bounces@ietf.org] On Behalf Of Novikov, Lev
Sent: Wednesday, August 03, 2011 10:03 AM
To: CICM Discussion List (cicm@ietf.org)
Subject: [cicm] FW: comments on CICM

FYI: Below is an insightful email from David McGrew that does not 
appear to have made it to the mailing list nor was it held for 
moderation so the list never saw it.

Lev

-----Original Message-----
From: David A. McGrew [mailto:david.a.mcgrew@mindspring.com] 
Sent: Wednesday, July 27, 2011 14:39
To: cicm@ietf.org; Lanz, Dan; Novikov, Lev
Subject: comments on CICM

Hi Lev and Daniel,

I skimmed the CICM documents and have several comments.

It seems that the major goal for CICM is multi-vendor support.   
Worthwhile goal, but what crypto hardware vendors whose products  
support IETF standards are participating in this effort?

RFC 5116 defines a standard interface to Authenticated Encryption with  
Associated Data (AEAD) algorithms, which is used by TLS 1.2, SSH,  
SRTP, IKE, and SMIME, and is backwards compatible with ESP.   The AEAD  
interface is simple (two defined messages, four inputs and one output  
each), and AEAD is widely regarded as the state of the art in security  
and efficiency (including both OCB and GCM, for instance).  It appears  
that CICM is not compatible with this interface, in which case it  
would be a real step backwards.  (If CICM does support AEAD, it is not  
clear to me how it does.  Am I missing something?)

CICM is intended for use in a high assurance crypto module.   
Considering that AES-GCM is required for Suite B, and the Suite B RFCs  
all cite RFC 5116, the lack of AEAD support appears problematic.

The use cases for which CICM is intended are those where  
"cryptographic transformation of data initiated in one security        
domain with the result made available in another security domain";  
three cases are given, two of which are HAIPE.  So clearly the CICM  
design has been driven by high assurance requirements that are highly  
security conscious and not publicly available.   My question here is:  
how will the CICM design make implementations of IETF security  
protocols better?   If CICM is tightly bound to non-public protocols,  
it will not have much relevance to the IETF.   On the other hand, if  
there is a document that shows how a high assurance design approach  
can be used in an IETF standard like TLS or IPsec, that could be  
valuable.   It could be a good contribution to the IETF to provide  
implementation criteria or design approaches that are applicable to  
internet standards.  I think there would be a good amount of interest  
in this sort of work, and in fact I would be very happy to see that  
sort of document show up in IRTF CFRG.

An important nit: MD5 is used as an example on pg 24 of draft-lanz- 
cicm-02.  It has been deprecated by RFC 6151; I encourage that a  
different hash be used as an example.

regards,

David

_______________________________________________
cicm mailing list
cicm@ietf.org
https://www.ietf.org/mailman/listinfo/cicm