[Crypto-panel] Re: Request for review: Usage Limits on AEAD Algorithms
Martin Thomson <mt@lowentropy.net> Mon, 05 August 2024 00:21 UTC
Date: Mon, 05 Aug 2024 10:20:41 +1000
From: Martin Thomson <mt@lowentropy.net>
To: Thomas Pornin <thomas.pornin@nccgroup.com>, "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
CC: "cfrg-chairs@ietf.org" <cfrg-chairs@ietf.org>, "crypto-panel@irtf.org" <crypto-panel@irtf.org>, "draft-irtf-cfrg-aead-limits@ietf.org" <draft-irtf-cfrg-aead-limits@ietf.org>
List-Id: Crypto Review Panel review coordination <crypto-panel.irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/crypto-panel/_lz5xeIWFUsb4QRqVqAVUBavJSw>

Hey,

Felix went through and addressed these comments. They were, as I suspected, quite straightforward. Thanks again Thomas.

Stanislav, we can get you a fresh revision if you think this is ready to push. Let me know. (I'll assume you want a revision unless I hear otherwise.)

Cheers,
Martin

On Thu, Aug 1, 2024, at 11:55, Martin Thomson wrote:
> Thanks for this. Just from skimming through it seems like this is all
> very useful feedback that should be fairly straightforward to address
> on the whole.
>
> I've dumped this all on an issue, so we don't lose it, but we'll
> probably come at it piecewise.
>
> https://github.com/cfrg/draft-irtf-cfrg-aead-limits/issues/67
>
> We'll post to the list (and cc you) if there are questions that come up.
>
> On Thu, Aug 1, 2024, at 00:26, Thomas Pornin wrote:
>> Oops, looks like I had forgotten it. Sorry.
>>
>> Here is my review. Overall, the document is a nice endeavour; since the
>> focus is on IETF protocols, it might be worth to give a few more
>> applied examples? The tables in the document give number of 1500-byte
>> messages (“a common Internet MTU”) which would conceptually apply to
>> something like IPsec, though less so for e.g. SSH or TLS, which have
>> larger “records”. I also have some misgivings on the advice in section
>> 7 which amounts to, basically, ignoring in implementations the limits
>> that the rest of the document takes pains to define; as a “security
>> consideration”, it does not seem conducive to security.
>>
>> Thomas
>>
>> *From: *Stanislav V. Smyshlyaev <smyshsv@gmail.com>
>> *Date: *Wednesday, June 12, 2024 at 12:07
>> *To: *Thomas Pornin <thomas.pornin@nccgroup.com>
>> *Cc: *cfrg-chairs@ietf.org <cfrg-chairs@ietf.org>,
>> crypto-panel@irtf.org <crypto-panel@irtf.org>,
>> draft-irtf-cfrg-aead-limits@ietf.org
>> <draft-irtf-cfrg-aead-limits@ietf.org>
>> *Subject: *Re: [Crypto-panel] Request for review: Usage Limits on AEAD
>> Algorithms
>> Thank you so much, Thomas!
>>
>> Regards,
>> Stanislav
>>
>> On Wed, 12 Jun 2024 at 19:04, Thomas Pornin <thomas.pornin@nccgroup.com> wrote:
>>> I can make a review (by mid-July, possibly much sooner).
>>>
>>> Thomas
>>>
>>> *From: *Stanislav V. Smyshlyaev <smyshsv@gmail.com>
>>> *Date: *Tuesday, June 11, 2024 at 03:30
>>> *To: *crypto-panel@irtf.org <crypto-panel@irtf.org>
>>> *Cc: *cfrg-chairs@ietf.org <cfrg-chairs@ietf.org>, draft-irtf-cfrg-aead-limits@ietf.org <draft-irtf-cfrg-aead-limits@ietf.org>
>>> *Subject: *[Crypto-panel] Request for review: Usage Limits on AEAD Algorithms
>>> Dear Crypto Panel experts,
>>>
>>> The chairs would like to ask the Crypto Panel to provide a review for the current version (-08) of the "Usage Limits on AEAD Algorithms" draft, draft-irtf-cfrg-aead-limits-08 (https://www.ietf.org/archive/id/draft-irtf-cfrg-aead-limits-08.html)
>>>
>>> Volunteers?
>>>
>>> Stanislav (on behalf of the CFRG Chairs)
>> Attachments:
>> * review-draft-irtf-cfrg-aead-limits-08.txt