Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01

"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Thu, 21 December 2017 05:57 UTC

Return-Path: <smyshsv@gmail.com>
X-Original-To: crypto-panel@ietfa.amsl.com
Delivered-To: crypto-panel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E1BC127275 for <crypto-panel@ietfa.amsl.com>; Wed, 20 Dec 2017 21:57:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h8jG0JZ0-KLF for <crypto-panel@ietfa.amsl.com>; Wed, 20 Dec 2017 21:57:56 -0800 (PST)
Received: from mail-qt0-x231.google.com (mail-qt0-x231.google.com [IPv6:2607:f8b0:400d:c0d::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE2701201FA for <crypto-panel@irtf.org>; Wed, 20 Dec 2017 21:57:55 -0800 (PST)
Received: by mail-qt0-x231.google.com with SMTP id m59so31139648qte.11 for <crypto-panel@irtf.org>; Wed, 20 Dec 2017 21:57:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=vqwQLIfdamzfeu/RVigLXYq55jfbu1opE2ODo3ueH+c=; b=QoC9AS46HExTZkZATHG8Epucm2fWkR/izEUC4faV3CjmUwXoYmcmKmVl+YQNBrY8Ic kv/d/xZDfBZo0kew4AtnWMg3wcGA13QmgHvjrIVpzgbnrrMyMJDWHH5rP3E6y62ORR7T pdpR0FkDCyQAK16rclzbNTaaFkayZUor5PRuxr+rqpciJmD90lo91giLCqsz8R8TN/k0 jHPLICA2/Mhk5P/J6V6oeYB9G7USRuoT9N/97ORWuSlnPLetqybuKcIB/yMZ0wnSIWSD hER5gGgJ9AOKhmttQMOUzV3P7GO1U6rL4qDsfccRZbUpwSTtYsiCcrs5YUXS7dRk5r6n JLVA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=vqwQLIfdamzfeu/RVigLXYq55jfbu1opE2ODo3ueH+c=; b=l+McFJeFUn6t+cVByY3e9bhDSIA+oHHft76YVMA/rIV1hnECZkJRwlCWBH3+5K1aLT vDPFDcehyPOZVcFgS+1Q/l214i81a1nLA/RcAsztZdYbdwdZmFzhe4zJRpLgTH0JH1qk x+X18Z+83UbS63NU/mWNVFpKFRWywG0hAyIfu1cbibxTTaO60Xxhrucbvral4Sd+fd6H BotTYPLAqxoHOowKURKGW2BoH0Wud26tSEPaw1W3sKJKob115joKt+uY1+MH0CSXpP6R GaM/ZyktPhi+z5qtdj+YSJPovQkTvsqCJNATFyubgRmHhC4UlOFIZ3piIFrvI6AgjR9r gX7Q==
X-Gm-Message-State: AKGB3mIecJO7RUwSZOnwyqlrDRYJByxWJ4AxrIcrBWTAZUXA598IdY5I 5DcSAYVnGMYDtf9o/Qzrn5+/b4i05YJbUUiB3BU=
X-Google-Smtp-Source: ACJfBotRfRdO5ABhqEj+iO6aCzT5qxs49HkArZy2OdD1rMc0+rGrC+dM00C+kdOx0d4FVO7g9YJ12b8gJR2n6365wG4=
X-Received: by 10.200.19.11 with SMTP id e11mr13348733qtj.62.1513835875069; Wed, 20 Dec 2017 21:57:55 -0800 (PST)
MIME-Version: 1.0
Received: by 10.12.142.139 with HTTP; Wed, 20 Dec 2017 21:57:54 -0800 (PST)
In-Reply-To: <8CBA1FC8-A4BE-49F5-B7EC-3D872E1F2ACF@ribose.com>
References: <56db317a-07ad-0ad4-b1d1-31f12283115e@isode.com> <CAMr0u6nk5xo18Y93uWXKvXsbKX8o7pVx-MWrumvQnkYERPgbpw@mail.gmail.com> <E6993497-43A6-4CB2-866E-D5AF55E1D168@ribose.com> <CAMr0u6kk4HDKUKJqt3WPjO3jX+B4BoiidTQvdr7k7TLDqcG0-A@mail.gmail.com> <087A0995-B344-4CBE-B300-D2431F1E5552@ribose.com> <CAMr0u6kCzMeZgLALSoWxggMH6A=ou9U05umFLHGvT6MLdeSwng@mail.gmail.com> <23B65052-E3DC-4553-B729-BE1CE0899C62@ribose.com> <CAMr0u6=6hL2B8OcKkn4E8ivMw9Ta90NrVb7qm_t6_7qj5x4c4g@mail.gmail.com> <8CBA1FC8-A4BE-49F5-B7EC-3D872E1F2ACF@ribose.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Thu, 21 Dec 2017 08:57:54 +0300
Message-ID: <CAMr0u6=u0by1AWeY5SEo9qnCEBJbJ70a2USVgbRZ=bZxBexbEw@mail.gmail.com>
To: Ronald Tse <tse@ribose.com>
Cc: Alexey Melnikov <alexey.melnikov@isode.com>, "crypto-panel@irtf.org" <crypto-panel@irtf.org>, Nancy Cam-Winget <ncamwing@cisco.com>, "draft-ribose-openpgp-oscca.authors@ietf.org" <draft-ribose-openpgp-oscca.authors@ietf.org>, Tim Polk <tim.polk@nist.gov>, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
Content-Type: multipart/alternative; boundary="089e0828a8fc94f2630560d36155"
Archived-At: <https://mailarchive.ietf.org/arch/msg/crypto-panel/dbmvzawIINAY8JRPvzCNdPJgDYg>
Subject: Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01
X-BeenThere: crypto-panel@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <crypto-panel.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/crypto-panel>, <mailto:crypto-panel-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/crypto-panel/>
List-Post: <mailto:crypto-panel@irtf.org>
List-Help: <mailto:crypto-panel-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/crypto-panel>, <mailto:crypto-panel-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Dec 2017 05:57:59 -0000

Thank you very much, Ronald, my pleasure!

Best wishes to you too!

Kind regards,
Stanislav


2017-12-21 3:01 GMT+03:00 Ronald Tse <tse@ribose.com>om>:

> Dear Stanislav,
>
> Thank you again and hats off for the momentous review.
>
> We will incorporate all issues mentioned and the very helpful suggestions
> to enhance the drafts as you described, and shall revert once it is done.
>
> Best wishes to you and your family in this holiday season!
>
> Kind regards,
> Ron
>
> _____________________________________
>
> Ronald Tse
> Ribose Inc.
>
> On Dec 20, 2017, at 11:13 PM, Stanislav V. Smyshlyaev <smyshsv@gmail.com>
> wrote:
>
> Dear colleagues,
>
> The review has been posted to the CFRG mailing list.
>
> P.S.: Ronald, I'll be happy to make an additional review after you finish
> updating the SM2 I-D with design rationale and a summary of published
> analysis results. Nevertheless, I've included my own summary of the
> published results of SM2 to my review.
>
> Best regards,
> Stanislav
>
>
>
>
> 2017-11-29 21:24 GMT+03:00 Ronald Tse <tse@ribose.com>om>:
>
>> Hi Stanislav,
>>
>> Fully understand. Thank you again for your help!
>>
>> Ron
>>
>> _____________________________________
>>
>> Ronald Tse
>> Ribose Inc.
>>
>> +=========================================================+
>> This message may contain confidential and/or privileged
>> information.  If you are not the addressee or authorized to
>> receive this for the addressee, you must not use, copy,
>> disclose or take any action based on this message or any
>> information herein.  If you have received this message in
>> error, please advise the sender immediately by reply e-mail
>> and delete this message.  Thank you for your cooperation.
>> +=========================================================+
>>
>> On Nov 29, 2017, at 9:23 PM, Stanislav V. Smyshlyaev <smyshsv@gmail.com>
>> wrote:
>>
>> Dear Ronald,
>>
>> Thank you very much for the links!
>> The review is conducted by Crypto Review Panel, thus the analysis is
>> being done more from the cryptographic perspective, and the current state
>> of the analysis of the proposed mechanisms is taken into account.
>>
>> Best regards,
>> Stanislav
>>
>>
>> 2017-11-28 19:28 GMT+03:00 Ronald Tse <tse@ribose.com>om>:
>>
>>> Dear Stanislav,
>>>
>>> You are absolutely right. Here are the IETF drafts of SM2, SM3 and SM4
>>> (they are referred to within this draft, too):
>>>
>>> SM2: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
>>> SM3: https://tools.ietf.org/html/draft-oscca-cfrg-sm3-02
>>> SM4: https://tools.ietf.org/html/draft-ribose-cfrg-sm4-05
>>>
>>> The SM3 and SM4 drafts contain both a design rationale and a
>>> cryptanalysis section. Specifically, the cryptanalysis section contain
>>> bibliography references with links to research publications of the latest
>>> cryptanalysis results (English + Chinese). Most of these results are freely
>>> available in English (Google Scholar).
>>>
>>> As a matter of fact, we are currently updating the SM2 draft to provide
>>> the same level of detail as the other two.
>>>
>>> I’d just like to clarify that the current review is purely on the
>>> OpenPGP side of things. That said, we have previously requested a CFRG
>>> review of the SM4 draft too, so if you have some time to review that draft,
>>> it would be even more awesome :-)
>>>
>>> Hope this helps!
>>>
>>> Kind regards,
>>> Ron
>>>
>>> _____________________________________
>>>
>>> Ronald Tse
>>> Ribose Inc.
>>>
>>> On Nov 29, 2017, at 12:08 AM, Stanislav V. Smyshlyaev <smyshsv@gmail.com>
>>> wrote:
>>>
>>> Dear Ronald,
>>>
>>> Since the document is dedicated to the algorithms and elliptic curve
>>> parameters, it would be very helpful if you could point at papers with
>>> their analysis in English, if some of them are not publicly available (or
>>> could not be easily found via public resources). Also, it will be extremely
>>> important if you could provide some materials with design rationale of the
>>> algorithms and parameters presented in the I-D.
>>>
>>> Of course, full cryptanalysis from a scratch is impossible to be made as
>>> a part of review, so all known results/attacks/notes on design
>>> rationale/results of evaluation of curve parameters will be very important
>>> for making the review(s) as objective as possible.
>>>
>>> Best regards,
>>> Stanislav Smyshlyaev, Ph.D.
>>> Head of Information Security Department,
>>> CryptoPro LLC
>>>
>>>
>>>
>>> 2017-11-28 18:47 GMT+03:00 Ronald Tse <tse@ribose.com>om>:
>>>
>>>> Dear Stanislav,
>>>>
>>>> Thank you very much for performing the review. Look forward to it!
>>>>
>>>> Kind regards,
>>>> Ron
>>>>
>>>> _____________________________________
>>>>
>>>> Ronald Tse
>>>> Ribose Inc.
>>>>
>>>> On Nov 28, 2017, at 11:21 PM, Stanislav V. Smyshlyaev <
>>>> smyshsv@gmail.com> wrote:
>>>>
>>>> Dear Alexey,
>>>>
>>>> I'll be happy to do this.
>>>>
>>>> Will it be OK, if I provide a review by the 20th of December?
>>>>
>>>> Best regards,
>>>>
>>>> Stanislav
>>>>
>>>>
>>>> 2017-11-28 17:02 GMT+03:00 Alexey Melnikov <alexey.melnikov@isode.com>om>:
>>>>
>>>>> Dear Crypto Panel,
>>>>>
>>>>> SAAG’s SECDISPATCH chairs have requested review of
>>>>> <https://datatracker.ietf.org/doc/draft-ribose-openpgp-oscca/>
>>>>> before the document fate will be decided (it is likely to end up in
>>>>> the CURDLE WG).
>>>>>
>>>>> Can we have some volunteer(s) please?
>>>>>
>>>>> The draft Abstract is:
>>>>>
>>>>>    This document enables OpenPGP (RFC4880) usage in an compliant manner
>>>>>    with OSCCA (Office of State Commercial Cipher Administration)
>>>>>    regulations for use within China.
>>>>>
>>>>>    Specifically, it extends OpenPGP to support the usage of SM2, SM3
>>>>> and
>>>>>    SM4 algorithms, and provides the OSCCA-compliant OpenPGP profile
>>>>>    "OSCCA-SM234".
>>>>>
>>>>>
>>>>> Thank you,
>>>>> Alexey
>>>>>
>>>>> _______________________________________________
>>>>> Crypto-panel mailing list
>>>>> Crypto-panel@irtf.org
>>>>> https://www.irtf.org/mailman/listinfo/crypto-panel
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>